Create a Schedule (single web application)
Create a scheduled scan on a web application that is in the user’s scope.
Permissions required: User must have WAS module enabled. User account must have these permissions:
- Access Permission API Access
- Create WAS Schedule permission
The output includes schedules in the user's scope.
Input ParametersInput Parameters
These elements are optional and act as filters. When multiple elements are specified, parameters are combined using a logical AND. See Reference: WasScanSchedule for descriptions of these <WasScanSchedule> elements
Click here for available operators
|
Parameter |
Mandatory /Optional |
Data Type |
Description |
|---|---|---|---|
|
name |
Optional |
text |
Name of the schedule. |
|
target.webApp.id1 |
Optional |
integer |
The web applications to be scanned. |
|
type |
Optional |
keyword |
The scheduled scan type: VULNERABILITY or DISCOVERY. |
|
profile.id2 |
Optional |
integer |
The name of the option profile that includes scan settings. The service provides the profile “Initial WAS Options” and we recommend this to get started. Example:
|
|
startDate |
Optional |
date |
The date when the schedule starts in UTC date/time format. |
|
timeZone |
Optional |
text |
The timezone in which the scan is scheduled in UTC date/time format. |
|
occurrenceType |
Optional |
keyword |
The frequency of the scheduled scan : ONCE, DAILY, WEEKLY or MONTHLY. |
|
notification |
Optional |
boolean |
A flag indicating whether email notification is enabled for scheduled scan. |
|
reschedule |
Optional |
boolean |
Set this flag to reschedule the scan. |
|
target.scannerAppliance.type |
Optional |
keyword |
The type of scanner appliance used for the scan: EXTERNAL or INTERNAL or scannerTags. |
|
target.scannerAppliance. friendlyName |
Optional |
text |
Name of the scanner appliance used for the scan. |
|
target.scannerTags.set.Tag.id |
Optional |
integer |
The scanner associated with the tag (identified by the specified tag ID) is picked for the scan. |
|
target.webAppAuthRecord.id or target.webAppAuthRecord. isDefault |
Optional |
integer/boolean |
Decides the authentication record to be used for the scan. target.webAppAuthRecord.id (integer): Specify the web application's authentication record ID to use the specific authentication record. target.webAppAuthRecord.isDefault (boolean): Set to true to use the default web application's authentication record for the scan. |
|
options |
Optional |
keyword: ANY, ALL |
Decides which web applications should be excluded from the scan.
|
|
proxy.id |
Optional |
integer |
The proxy for scanning the target web application. Example: <proxy> <id>12345</id> </proxy> |
|
dnsOverride.id |
Optional |
integer |
The DNS override record for scanning the target web application. Example: <dnsOverride> <id>67890</id> </dnsOverride> |
|
cancelOption |
Optional |
keyword: DEFAULT, SPECIFIC |
|
|
sendMail |
Optional |
boolean |
Set to false to disable scan complete email notifications. Example: <sendMail>false</sendMail> |
|
sendMailFromAddressOption |
Optional |
Identifies the sender of the scan complete notifications. The valid values are: QUALYS_SUPPORT and OWNER. OWNER means the user whose account is used to create the schedule. Example:<sendMailFromAddressOption>QUALYS_ SUPPORT</sendMailFromAddressOption> Example:<sendMailFromAddressOption>OWNER </sendMailFromAddressOption>
To set this parameter, the sendMail parameter must be set to true. If the sendMail parameter is true, then sendMailFromAddressOption is by default set to QUALYS_SUPPORT. You can change the value of the parameter to OWNER. |
The element target must have at least tags or web applications specified.
The element profile (text) is required unless the target has a default option profile.
Sample - Create a new weekly scheduleSample - Create a new weekly schedule
Let us create a new web application called “My Web Application” that has the starting URL “http://mywebapp.com”. The default web application settings are assigned automatically.
API request:
curl -u "USERNAME:PASSWORD" -H "content-type: text/xml" -X "POST" --data-binary @-
"<qualys_base_url>/qps/rest/3.0/create/was/wasscanschedule" < file.xml
Note: “file.xml” contains the request POST data.
Request POST data:
<ServiceRequest>
<data>
<WasScanSchedule>
<name>
<![CDATA[Create Schedule from API3 - using Reschedule]]>
</name>
<type>VULNERABILITY</type>
<active>false</active>
<scheduling>
<cancelAfterNHours>8</cancelAfterNHours>
<startDate>2017-09-06T09:50:11Z</startDate>
<timeZone>
<code>America/Vancouver</code>
<offset>-07:00</offset>
</timeZone>
<occurrenceType>WEEKLY</occurrenceType>
<occurrence>
<weeklyOccurrence>
<everyNWeeks>2</everyNWeeks>
<occurrenceCount>20</occurrenceCount>
<onDays>
<WeekDay>SATURDAY</WeekDay>
<WeekDay>SUNDAY</WeekDay>
</onDays>
</weeklyOccurrence>
</occurrence>
</scheduling>
<notification>
<active>true</active>
<reschedule>true</reschedule>
<delay>
<nb>1</nb>
<scale>DAY</scale>
</delay>
<message>
<![CDATA[A Qualys scan is scheduled to start soon.]]>
</message>
</notification>
<target>
<webApp>
<id>1296335669</id>
</webApp>
<webAppAuthRecord>
<id>175535669</id>
</webAppAuthRecord>
</target>
<profile>
<id>712265669</id>
</profile>
</WasScanSchedule>
</data>
</ServiceRequest>
XML response:
<?xml version="1.0" encoding="UTF-8"?>
<ServiceResponse xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:noNamespaceSchemaLocation="<qualys_base_url>/qps/xsd/3.0/was/wasscanschedule.xsd">
<responseCode>SUCCESS</responseCode>
<count>1</count>
<data>
<WasScanSchedule>
<id>203285669</id>
<name>
<![CDATA[Create Schedule from API3 - using Reschedule]]>
</name>
<owner>
<id>8792415669</id>
<username>joe_user</username>
<firstName>
<![CDATA[Customer_2.6_1]]>
</firstName>
<lastName>
<![CDATA[pocm]]>
</lastName>
</owner>
<active>false</active>
<type>VULNERABILITY</type>
<target>
<webApp>
<id>1296335669</id>
<name>
<![CDATA[My Web Application]]>
</name>
<url>
<![CDATA[http://10.10.26.238]]>
</url>
</webApp>
<webAppAuthRecord>
<id>175535669</id>
<name>
<![CDATA[AR1]]>
</name>
</webAppAuthRecord>
<scannerAppliance>
<type>EXTERNAL</type>
</scannerAppliance>
</target>
<profile>
<id>712265669</id>
<name>
<![CDATA[Initial WAS Options]]>
</name>
</profile>
<scheduling>
<startDate>2017-09-06T09:50:00Z</startDate>
<timeZone>
<code>America/Vancouver</code>
<offset>-07:00</offset>
</timeZone>
<occurrenceType>ONCE</occurrenceType>
<cancelAfterNHours>8</cancelAfterNHours>
</scheduling>
<notification>
<active>true</active>
<reschedule>true</reschedule>
<delay>
<nb>1</nb>
<scale>DAY</scale>
</delay>
<message>
<![CDATA[A Qualys scan is scheduled to start soon.]]>
</message>
</notification>
<launchedCount>0</launchedCount>
<createdDate>2017-08-27T22:30:59Z</createdDate>
<createdBy>
<id>8792415669</id>
<username>john_doe</username>
<firstName>
<![CDATA[Customer_2.6_1]]>
</firstName>
<lastName>
<![CDATA[doe]]>
</lastName>
</createdBy>
<updatedDate>2017-08-27T22:31:00Z</updatedDate>
<updatedBy>
<id>8792415669</id>
<username>user_john</username>
<firstName>
<![CDATA[John]]>
</firstName>
<lastName>
<![CDATA[Smith]]>
</lastName>
</updatedBy>
<sendMail>true</sendMail>
<sendOneMail>true</sendOneMail>
</WasScanSchedule>
</data>
</ServiceResponse>
Sample - Create a new schedule - cancel scan optionSample - Create a new schedule - cancel scan option
Create a new vulnerability scan schedule on web app ID 2376281 and set the cancel scan option to SPECIFIC. Scans launched from this schedule will always use the cancel scan option passed with the schedule settings and will override the target web app’s cancel scan setting, if set.
API request:
curl -u "USERNAME:PASSWORD" -H "content-type: text/xml" -X "POST" --data-binary @-
"<qualys_base_url>/qps/rest/3.0/create/was/wasscanschedule" < file.xml
Note: “file.xml” contains the request POST data.
Request POST data:
<ServiceRequest>
<data>
<WasScanSchedule>
<name>
<![CDATA[My Scan Schedule]]>
</name>
<type>VULNERABILITY</type>
<scheduling>
<cancelAfterNHours>7</cancelAfterNHours>
<startDate>2017-09-30T13:11:00Z</startDate>
<timeZone>
<code>America/Dawson</code>
</timeZone>
<occurrenceType>ONCE</occurrenceType>
</scheduling>
<target>
<webApp>
<id>2376281</id>
</webApp>
<scannerAppliance>
<type>EXTERNAL</type>
</scannerAppliance>
<cancelOption>SPECIFIC</cancelOption>
</target>
<profile>
<id>332147</id>
</profile>
</WasScanSchedule>
</data>
</ServiceRequest>
XML response:
<?xml version="1.0" encoding="UTF-8"?>
<ServiceResponse xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="<qualys_base_url>/qps/xsd/3.0/was/wasscanschedule.xsd">
<responseCode>SUCCESS</responseCode>
<count>1</count>
<data>
<WasScanSchedule>
<id>325624</id>
<name>
<![CDATA[My Scan Schedule]]>
</name>
<owner>
<id>2086786</id>
<username>user_john</username>
<firstName>
<![CDATA[John]]>
</firstName>
<lastName>
<![CDATA[Doe]]>
</lastName>
</owner>
<active>true</active>
<type>VULNERABILITY</type>
<target>
<webApp>
<id>2376281</id>
<name>
<![CDATA[My Web App]]>
</name>
<url>
<![CDATA[http://10.10.26.238]]>
</url>
</webApp>
<scannerAppliance>
<type>EXTERNAL</type>
</scannerAppliance>
<cancelOption>SPECIFIC</cancelOption>
</target>
<progressiveScanning>DEFAULT</progressiveScanning>
<profile>
<id>332147</id>
<name>
<![CDATA[10 links]]>
</name>
</profile>
<scheduling>
<startDate>2017-09-30T13:11:00Z</startDate>
<timeZone>
<code>America/Dawson</code>
<offset>-07:00</offset>
</timeZone>
<occurrenceType>ONCE</occurrenceType>
<cancelAfterNHours>7</cancelAfterNHours>
</scheduling>
<notification>
<active>false</active>
</notification>
<nextLaunchDate>2017-09-30T20:11:00Z</nextLaunchDate>
<launchedCount>0</launchedCount>
<createdDate>2017-06-26T20:54:30Z</createdDate>
<createdBy>
<id>2086786</id>
<username>user_john</username>
<firstName>
<![CDATA[John]]>
</firstName>
<lastName>
<![CDATA[Doe]]>
</lastName>
</createdBy>
<updatedDate>2017-06-26T20:54:30Z</updatedDate>
<updatedBy>
<id>2086786</id>
<username>user_john</username>
<firstName>
<![CDATA[John]]>
</firstName>
<lastName>
<![CDATA[Doe]]>
</lastName>
</updatedBy>
<sendMail>true</sendMail>
<sendOneMail>false</sendOneMail>
</WasScanSchedule>
</data>
</ServiceResponse>
Sample - Create a new schedule - assign multiple scannersSample - Create a new schedule - assign multiple scanners
Let us schedule a discovery scan on the web application and assign the pool of scanners using the asset tag ID.
API request:
curl -u "USERNAME:PASSWORD" -H "content-type: text/xml" -X "POST" --data-binary @-"<qualys_base_url>/qps/rest/3.0/create/was/wasscanschedule"< file.xml
Note: “file.xml” contains the request POST data.
Request POST data:
<ServiceRequest>
<data>
<WasScanSchedule>
<name>
<![CDATA[Scheduled Scan With Pool of Internal Scanners]>
</name>
<type>VULNERABILITY</type>
<active>false</active>
<scheduling>
<cancelAfterNHours>10</cancelAfterNHours>
<startDate>2017-01-10T13:55:35Z</startDate>
<timeZone>
<code>Europe/Istanbul</code>
<offset>+02:00</offset>
</timeZone>
<occurrenceType>ONCE</occurrenceType>
</scheduling>
<notification>
<active>false</active>
</notification>
<target>
<webApp>
<id>522066</id>
</webApp>
<scannerTags>
<set>
<Tag>
<id>15415353311147</id>
</Tag>
</set>
</scannerTags>
</target>
<profile>
<id>53483</id>
</profile>
</WasScanSchedule>
</data>
</ServiceRequest>
XML response:
<?xml version="1.0" encoding="UTF-8"?>
<ServiceResponse xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="<qualys_base_url>/qps/xsd/3.0/was/wasscanschedule.xsd">
<responseCode>SUCCESS</responseCode>
<count>1</count>
<data>
<WasScanSchedule>
<id>141147</id>
<name>
<![CDATA[Scheduled Scan With Pool of Internal Scanners]]>
</name>
<owner>
<id>1056860</id>
<username>user_john</username>
<firstName>
<![CDATA[John]]>
</firstName>
<lastName>
<![CDATA[Doe]]>
</lastName>
</owner>
<active>false</active>
<multi>false</multi>
<type>VULNERABILITY</type>
<target>
<webApp>
<id>522065</id>
<name>
<![CDATA[My Web Application]]>
</name>
<url>
<![CDATA[http://mywebapp.com]]>
</url>
</webApp>
<scannerTags>
<set>
<Tag>
<id>8461819</id>
</Tag>
</set>
</scannerTags>
</target>
<progressiveScanning>DEFAULT</progressiveScanning>
<profile>
<id>194283</id>
<name>
<![CDATA[Initial WAS Options]]>
</name>
</profile>
<scheduling>
<startDate>2017-01-10T13:55:00Z</startDate>
<timeZone>
<code>Europe/Istanbul</code>
<offset>+02:00</offset>
</timeZone>
<occurrenceType>ONCE</occurrenceType>
<cancelAfterNHours>10</cancelAfterNHours>
</scheduling>
<notification>
<active>false</active>
<reschedule>false</reschedule>
</notification>
<launchedCount>0</launchedCount>
<createdDate>2017-01-12T11:54:07Z</createdDate>
<createdBy>
<id>1056860</id>
<username>user_john</username>
<firstName>
<![CDATA[John]]>
</firstName>
<lastName>
<![CDATA[Doe]]>
</lastName>
</createdBy>
<updatedDate>2017-01-12T11:54:09Z</updatedDate>
<updatedBy>
<id>1056860</id>
<username>user_john</username>
<firstName>
<![CDATA[John]]>
</firstName>
<lastName>
<![CDATA[Doe]]>
</lastName>
</updatedBy>
<sendMail>true</sendMail>
<sendOneMail>false</sendOneMail>
</WasScanSchedule>
</data>
</ServiceResponse>
Sample - Create or update schedule for progressive scanningSample - Create or update schedule for progressive scanning
The user will be able to set progressiveScanning to ENABLED, DISABLED or DEFAULT, if progressiveScanning is enabled for the subscription. If this option is not set for a new schedule, the value DEFAULT is used.
API request:
curl -u "USERNAME:PASSWORD" -H "content-type: text/xml" -X "POST" --data-binary @-"<qualys_base_url>/qps/rest/3.0/create/was/wasscanschedule"< file.xml
Note: “file.xml” contains the request POST data.
Request POST data:
<ServiceRequest>
<data>
<WasScanSchedule>
<name>
<![CDATA[Schedule with enabled progressiveScanning]]>
</name>
<type>VULNERABILITY</type>
<active>false</active>
<scheduling>
<startDate>2019-01-30T12:40:27Z</startDate>
<timeZone>
<code>Asia/Kolkata</code>
<offset>+05:30</offset>
</timeZone>
<occurrenceType>ONCE</occurrenceType>
</scheduling>
<notification>
<active>true</active>
<delay>
<nb>1</nb>
<scale>DAY</scale>
</delay>
<message>
<![CDATA[A scan is scheduled to start soon.]]>
</message>
</notification>
<target>
<webApps>
<set>
<WebApp>
<id>8389207</id>
</WebApp>
</set>
</webApps>
<scannerAppliance>
<type>EXTERNAL</type>
</scannerAppliance>
</target>
<progressiveScanning>ENABLED</progressiveScanning>
<profile>
<id>53483</id>
</profile>
</WasScanSchedule>
</data>
</ServiceRequest>
XML response:
<?xml version="1.0" encoding="UTF-8"?>
<ServiceResponse
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="<qualys_base_url>/qps/xsd/3.0/was/wasscanschedule.xsd">
<responseCode>SUCCESS</responseCode>
<count>1</count>
<data>
<WasScanSchedule>
<id>8831789</id>
<name>
<![CDATA[Schedule with enabled progressiveScanning]]>
</name>
<owner>
<id>1056860</id>
<username>user_john</username>
<firstName>
<![CDATA[John]]>
</firstName>
<lastName>
<![CDATA[Doe]]>
</lastName>
</owner>
<active>false</active>
<multi>false</multi>
<type>VULNERABILITY</type>
<target>
<webApp>
<id>8389207</id>
<name>
<![CDATA[My Web Application]]>
</name>
<url>
<![CDATA[http://mywebapp.com]]>
</url>
</webApp>
<scannerAppliance>
<type>EXTERNAL</type>
</scannerAppliance>
</target>
<progressiveScanning>ENABLED</progressiveScanning>
<profile>
<id>53483</id>
<name>
<![CDATA[Scan OP]]>
</name>
</profile>
<scheduling>
<startDate>2019-01-30T12:40:00Z</startDate>
<timeZone>
<code>Asia/Kolkata</code>
<offset>+05:30</offset>
</timeZone>
<occurrenceType>ONCE</occurrenceType>
</scheduling>
<notification>
<active>true</active>
<reschedule>false</reschedule>
<delay>
<nb>1</nb>
<scale>DAY</scale>
</delay>
<message>
<![CDATA[A scan is scheduled to start soon.]]>
</message>
</notification>
<launchedCount>0</launchedCount>
<createdDate>2019-02-26T07:17:22Z</createdDate>
<createdBy>
<id>1056860</id>
<username>user_john</username>
<firstName>
<![CDATA[John]]>
</firstName>
<lastName>
<![CDATA[Doe]]>
</lastName>
</createdBy>
<updatedDate>2019-02-26T07:17:22Z</updatedDate>
<updatedBy>
<id>1056860</id>
<username>user_john</username>
<firstName>
<![CDATA[John]]>
</firstName>
<lastName>
<![CDATA[Doe]]>
</lastName>
</updatedBy>
<sendMail>true</sendMail>
<sendOneMail>false</sendOneMail>
<enableWAFAuth>false</enableWAFAuth>
</WasScanSchedule>
</data>
</ServiceResponse>
If Progressive Scanning is not enabled for the subscription, the progressiveScanning element cannot be provided, otherwise, an error will be returned.
XML response (error):
<?xml version="1.0" encoding="UTF-8"?>
<ServiceResponse xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="<qualys_base_url>/qps/xsd/3.0/was/wasscanschedule.xsd">
<responseCode>INVALID_REQUEST</responseCode>
<responseErrorDetails>
<errorMessage>Progressive scanning is not enabled in your subscription.</errorMessage>
<errorResolution>Please check with your account manager to enable this option.</errorResolution>
</responseErrorDetails>
</ServiceResponse>
XSD
<platform API server>/qps/xsd/3.0/was/wasscanschedule.xsd