View details for a scan on a web application which is in the user’s scope. Want to find a scan ID to use as input? See Search scans.
Permissions required - User must have WAS module enabled. The user account must have these permissions: Access Permission “API Access”. The output includes authentication records in the user's scope.
The element “id” (integer) is required, where “id” identifies the scan.
Let us view the details for the scan with the ID 1447989.
API request
curl -n -u "USERNAME:PASSWORD" "<qualys_base_url>/qps/rest/3.0/get/was/wasscan/1447989"
XML response
<?xml version="1.0" encoding="UTF-8"?>
<ServiceResponse xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="<qualys_base_url>/qps/xsd/3.0/was/wasscan.xsd">
<responseCode>SUCCESS</responseCode>
<count>1</count>
<data>
<WasScan>
<id>1447989</id>
<name>
<![CDATA[My Vulnerability Scan]]>
</name>
<reference>was/1446408743390.1856849</reference>
<type>VULNERABILITY</type>
<mode>ONDEMAND</mode>
<progressiveScanning>DISABLED</progressiveScanning>
<multi>false</multi>
<target>
<webApp>
<id>2431279</id>
<name>
<![CDATA[127.0.0.1]]>
</name>
<url>
<![CDATA[http://127.0.0.1/]]>
</url>
</webApp>
<scannerAppliance>
<type>EXTERNAL</type>
</scannerAppliance>
<cancelOption>SPECIFIC</cancelOption>
</target>
<profile>
<id>28147</id>
<name>
<![CDATA[My Option Profile]]>
</name>
</profile>
<options>
<count>15</count>
<list>
<WasScanOption>
<name>My Authentication Record</name>
<value>
<![CDATA[None]]>
</value>
</WasScanOption>
<WasScanOption>
<name>Unexpected Error Threshold</name>
<value>
<![CDATA[48]]>
</value>
</WasScanOption>
<WasScanOption>
<name>Sensitive Content: Credit Card Numbers</name>
<value>
<![CDATA[false]]>
</value>
</WasScanOption>
<WasScanOption>
<name>Performance Settings</name>
<value>
<![CDATA[MEDIUM]]>
</value>
</WasScanOption>
<WasScanOption>
<name>Scanner Appliance</name>
<value>
<![CDATA[External]]>
</value>
</WasScanOption>
<WasScanOption>
<name>Detection Scope</name>
<value>
<![CDATA[COMPLETE]]>
</value>
</WasScanOption>
<WasScanOption>
<name>Crawling Form Submissions</name>
<value>
<![CDATA[NONE]]>
</value>
</WasScanOption>
<WasScanOption>
<name>Bruteforce Settings</name>
<value>
<![CDATA[MINIMAL]]>
</value>
</WasScanOption>
<WasScanOption>
<name>Option Profile Name</name>
<value>
<![CDATA[My Option Profile]]>
</value>
</WasScanOption>
<WasScanOption>
<name>Maximum Crawling Links</name>
<value>
<![CDATA[300]]>
</value>
</WasScanOption>
<WasScanOption>
<name>Timeout Error Threshold</name>
<value>
<![CDATA[20]]>
</value>
</WasScanOption>
<WasScanOption>
<name>Web Application Name</name>
<value>
<![CDATA[127.0.0.1]]>
</value>
</WasScanOption>
<WasScanOption>
<name>Request Parameter Set</name>
<value>
<![CDATA[Initial Parameters]]>
</value>
</WasScanOption>
<WasScanOption>
<name>Sensitive Content: Social Security Numbers (US)</name>
<value>
<![CDATA[false]]>
</value>
</WasScanOption>
<WasScanOption>
<name>Target URL</name>
<value>
<![CDATA[http://127.0.0.1/]]>
</value>
</WasScanOption>
</list>
</options>
<launchedDate>2017-11-01T20:12:23Z</launchedDate>
<launchedBy>
<id>2226741</id>
<username>user_ak1</username>
<firstName>
<![CDATA[Amy]]>
</firstName>
<lastName>
<![CDATA[Kim]]>
</lastName>
</launchedBy>
<status>CANCELED</status>
<cancelMode>USER</cancelMode>
<canceledBy>
<id>9872437571</id>
<username>user_bb5</username>
</canceledBy>
<sendMail>true</sendMail>
<sendOneMail>true</sendOneMail>
</WasScan>
</data>
</ServiceResponse>
When a scan has DNS override settings defined, the dnsOverride element lists DNS override settings (one or more records) used for scanning.
API request
curl -n -u "USERNAME:PASSWORD" "<qualys_base_url>/qps/rest/3.0/get/was/wasscan/1381602"
XML response
<?xml version="1.0" encoding="UTF-8"?>
<ServiceResponse xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="<qualys_base_url>/qps/xsd/3.0/was/wasscan.xsd">
<responseCode>SUCCESS</responseCode>
<count>1</count>
<data>
<WasScan>
<id>1381602</id>
<name>
<![CDATA[My Scan]]>
</name>
<reference>was/1443153045656.1850463.1</reference>
<type>DISCOVERY</type>
<mode>ONDEMAND</mode>
<multi>false</multi>
<target>
<webApp>
<id>1932867</id>
<name>
<![CDATA[10.10.10.2]]>
</name>
<url>
<![CDATA[http://10.10.10.2/]]>
</url>
</webApp>
<dnsOverride>
<id>1421</id>
<name>
<![CDATA[DNS Override Settings 1]]>
</name>
</dnsOverride>
<scannerAppliance>
>>>
The progressiveScanning element will be included in the call response, if Progressive Scanning is enabled for the subscription. For all scans launched before this feature was enabled, the value “false” will be returned.
API request
curl -n -u "USERNAME:PASSWORD" "<qualys_base_url>/qps/rest/3.0/get/was/wasscan/31397"
XML response
<ServiceResponse xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="<qualys_base_url>/qps/xsd/3.0/was/wasscan.xsd">
<responseCode>SUCCESS</responseCode>
<count>1</count>
<data>
<WasScan>
<id>31397</id>
<name>
<![CDATA[Relaunch Relaunch Web Application Vulnerability Scan - 2018-08-13]]>
</name>
<reference>was/1413891468597.1792880</reference>
<type>VULNERABILITY</type>
<mode>ONDEMAND</mode>
<progressiveScanning>ENABLED</progressiveScanning>
...
<platform API server>/qps/xsd/3.0/was/wasscan.xsd