Ignore Findings

[POST] /qps/rest/3.0/ignore/was/finding

[POST] /qps/rest/3.0/ignore/was/finding/<id>

Ignore findings for a web application which is in the user’s scope.

Permissions required: User must have WAS module enabled. User account must have these permissions:

  • Access Permission API Access
  • Ignore Vulnerabilities permission

The output includes findings for web applications in the user's scope.

Input ParametersInput Parameters

These elements are optional and act as filters. When multiple elements are specified, parameters are combined using a logical AND.

Click here for available operators

Parameter

Mandatory

/Optional

Data Type

Description

id

Optional

integer

ID of the finding (WebAppVuln, WebAppIg, or WebAppSensitiveContent).

uniqueId

Optional

value

The 36-bit unique id assigned to the finding.

For example:   

<Finding>
   <id>132990</id>
   <uniqueId>8a2c4d51-6d28-2b92-e053-2943720a74ab</uniqueId>
    <qid>150004</qid>
...

qid

Optional

integer

Qualys ID assigned to the detection.

name

Optional

text

Name of the detection finding.

type

Optional

keyword

Type of the finding: VULNERABILITY, SENSITIVE_CONTENT, or INFORMATION_GATHERED.

url

Optional

text

URL of the web application on which the finding was detected.

webApp.tags.id

Optional

date

ID of the tag associated with the web application on which the finding was detected.

webApp.tags.name

Optional

text

Name of the tag associated with the web application on which the finding was detected.

status

Optional

keyword

Status of the finding: NEW, ACTIVE, REOPENED, PROTECTED and FIXED.

patch

Optional

integer-long

Use WAF to protect against vulnerabilities by installing virtual patches.

webApp.id

Optional

integer

ID of the web application on which the finding was detected.

webApp.name

Optional

text

Name of the web application on which the finding was detected.

severity

Optional

integer

Severity of the finding.

externalRef

Optional

string

Use operator IS EMPTY for findings with empty external references.

ignoredDate

Optional

date

The date on which the finding was marked to ignore.

ignoredReason

Optional

keyword

The reason for which the finding is ignored: FALSE_POSITIVE, RISK_ACCEPTED or NOT_APPLICABLE

group

Optional

keyword

XSS, SQL, INFO, PATH, CC, SSN_US or CUSTOM

reactivateDate

Optional

date

Specify the date after which the ignored finding should be re-activated. The date/time is specified in YYYY-MM-DD format.

reactivateIn

 

Optional

integer

 

Specify the number of days after which the ignored finding should be reactivated.

ReactivateDate and reactivateIn are mutually exclusive parameters and cannot be used together. You can use only either of them for a finding.

owasp.name

Optional

text

Name of the OWASP vulnerability.

owasp.code

Optional

integer

Code associated with the OWASP vulnerability

wasc.name

Optional

text

Name of the vulnerability.

wasc.code

Optional

integer

Code of the vulnerability.

cwe.id

Optional

integer

ID associated with CWE.

firstDetectedDate

Optional

date

The date when the finding was first detected in the web application,

lastDetectedDate

Optional

date

The date when the finding was last detected in the web application.

lastTestedDate

 Optional date

The date when the finding was last tested in the web application.

timesDetected

 Optional integer

The count indicates the number of times the finding was detected.

severity level

 Optional integer

The severity associated with the finding:1,2,3,4,5

Sample - Ignore a specific findingSample - Ignore a specific finding

API request:

curl -n -u "USERNAME:PASSWORD" "<qualys_base_url>/qps/rest/3.0/ignore/was/finding/1645195669"

Request POST data:

<ServiceRequest>
    <data>
        <Finding>
            <id>1645195669</id>
            <ignoredReason>FALSE_POSITIVE</ignoredReason>
            <ignoredComment>test</ignoredComment>
        </Finding>
    </data>
</ServiceRequest>

XML response:

<?xml version="1.0" encoding="UTF-8"?>
<ServiceResponse xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="<qualys_base_url>/qps/xsd/3.0/was/finding.xsd">
    <responseCode>SUCCESS</responseCode>
    <count>1</count>
    <data>
        <Finding>
            <id>1645195669</id>
            <uniqueId>8a2c4d51-6d28-2b92-e053-2943720a74ab</uniqueId>
        </Finding>
    </data>
</ServiceResponse>

Sample - Reactivate an ignored finding (date)Sample - Reactivate an ignored finding (date)

API request:

curl -u "USERNAME:PASSWORD" -H "content-type: text/xml" -X "POST"
--data-binary @-
"<qualys_base_url>/qps/rest/3.0/ignore/was/finding/"
Note: "file.xml" contains the request POST data.

Request POST data:

<ServiceRequest>
    <data>
        <Finding>
            <id>927823</id>
            <ignoredReason>FALSE_POSITIVE</ignoredReason>
            <ignoredComment>test</ignoredComment>
            <reactivateDate>2018-11-14</reactivateDate>
        </Finding>
    </data>
</ServiceRequest>

XML response:

<?xml version="1.0" encoding="UTF-8"?>
<ServiceResponse xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:noNamespaceSchemaLocation="<qualys_base_url>/qps/xsd/3.0/
was/finding.xsd">
    <responseCode>SUCCESS</responseCode>
    <count>1</count>
    <data>
        <Finding>
            <id>927823</id>
            <uniqueId>8a2c4d51-6d28-2b92-e053-2943720a74ab</uniqueId>
        </Finding>
    </data>
</ServiceResponse>

Sample - Reactivate an ignored finding (day)Sample - Reactivate an ignored finding (day)

API request:

curl -u "USERNAME:PASSWORD" -H "content-type: text/xml" -X "POST"
--data-binary @-
"<qualys_base_url>/qps/rest/3.0/ignore/was/finding/"
Note: "file.xml" contains the request POST data.

Request POST data:

<ServiceRequest>
    <data>
        <Finding>
            <id>927913</id>
            <ignoredReason>FALSE_POSITIVE</ignoredReason>
            <ignoredComment>test</ignoredComment>
            <reactivateIn>1</reactivateIn>
        </Finding>
    </data>
</ServiceRequest>

XML response:

<?xml version="1.0" encoding="UTF-8"?>
<ServiceResponse xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:noNamespaceSchemaLocation="<qualys_base_url>/qps/xsd/3.0/was/finding.xsd">
    <responseCode>SUCCESS</responseCode>
    <count>1</count>
    <data>
        <Finding>
            <id>927913</id>
            <uniqueId>8a2c4d51-6d28-2b92-e053-2943720a74ab</uniqueId>
        </Finding>
    </data>
</ServiceResponse>

Sample - Ignore multiple findingsSample - Ignore multiple findings

API request:

curl -u "USERNAME:PASSWORD" -H "content-type: text/xml" -X "POST"
--data-binary @-
"<qualys_base_url>/qps/rest/3.0/ignore/was/finding/"
Note: "file.xml" contains the request POST data.

Request POST data:

<ServiceRequest>
    <filters>
        <Criteria field="id" operator="NOT EQUALS">1231056</Criteria>
        <Criteria field="type" operator="NOT EQUALS">INFORMATION_GATHERED</Criteria>
    </filters>
    <data>
        <Finding>
            <ignoredReason>FALSE_POSITIVE</ignoredReason>
            <ignoredComment>test</ignoredComment>
        </Finding>
    </data>
</ServiceRequest>

When you are trying to ignore findings, make sure that type of finding is passed in data is not of INFORMATION_GATHERED type as they cannot be ignored. This can be ensured by using type not equals INFORMATION_GATHERED tag when using NOT EQUALS, GREATER or LESSER operator.

XML response:

<?xml version="1.0" encoding="UTF-8"?>
<ServiceResponse xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="<qualys_base_url>/qps/xsd/3.0/was/finding.xsd">
    <responseCode>SUCCESS</responseCode>
    <count>27</count>
    <data>
        <Finding>
            <id>1231057</id>
            <uniqueId>8a2c4d51-6d28-2b92-e053-2943720a74ab</uniqueId>
        </Finding>
        <Finding>
            <id>1231058</id>
            <uniqueId>5a2c4d51-5d28-2b92-e053-2943720a32ab</uniqueId>
        </Finding>
        <Finding>
            <id>1231059</id>
            <uniqueId>4a2c4d51-8d28-2b92-e053-2943720a16ab</uniqueId>
        </Finding>
        <Finding>
            <id>1231060</id>
            <uniqueId>3a2c4d51-9d28-2b92-e053-2943720a90ab</uniqueId>
        </Finding>
       …
    </data>
</ServiceResponse>

Sample - Ignore finding using uniqueIdSample - Ignore finding using uniqueId

As every uniqueId is unique, using uniqueId, you could ignore the exact finding.

API request:

curl -u "USERNAME:PASSWORD" -H "content-type: text/xml" -X "POST" --data-binary @-
"<qualys_base_url>/qps/rest/3.0/ignore/was/finding/8a2c4d51-6d28-2b92-e053-2943720a74ab" < file.xml
Note: “file.xml” contains the request POST data.

Request POST data:

<ServiceRequest>
    <data>
        <Finding>
            <ignoredReason>FALSE_POSITIVE</ignoredReason>
            <ignoredComment>test</ignoredComment>
        </Finding>
    </data>
</ServiceRequest>

XML response:

<?xml version="1.0" encoding="UTF-8"?>
<ServiceResponse xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="<qualys_base_url>/qps/xsd/3.0/was/finding.xsd">
    <responseCode>SUCCESS</responseCode>
    <count>1</count>
    <data>
        <Finding>
            <id>132990</id>
            <uniqueId>8a2c4d51-6d28-2b92-e053-2943720a74ab</uniqueId>
        </Finding>
    </data>
</ServiceResponse>

XSD

<platform API server>/qps/xsd/3.0/was/finding.xsd

© 2025 Qualys, Inc. All rights reserved. Privacy Policy.