Create a scheduled scan on a web application that is in the user’s scope.
Permissions required - User must have WAS module enabled. User account must have these permissions: Access Permission “API Access” and "Create WAS Schedule" permission. The output includes schedules in the user's scope.
These elements are optional and act as filters. When multiple elements are specified, parameters are combined using a logical AND. See Reference: WasScanSchedule for descriptions of these <WasScanSchedule> elements
Click here for available operators
|
Parameter |
Mandatory /Optional |
Data Type |
Description |
|---|---|---|---|
|
name |
Optional |
text |
Name of the schedule. |
|
target.webApp.id1 |
Optional |
integer |
The web applications to be scanned. |
|
type |
Optional |
keyword |
The scheduled scan type: VULNERABILITY or DISCOVERY. |
|
profile.id2 |
Optional |
integer |
The name of the option profile that includes scan settings. The service provides the profile “Initial WAS Options” and we recommend this to get started. Example: <profile> <name>Initial WAS Options</name> </profile> |
|
startDate |
Optional |
date |
The date when the schedule starts in UTC date/time format. |
|
timeZone |
Optional |
text |
The timezone in which the scan is scheduled in UTC date/time format. |
|
occurrenceType |
Optional |
keyword |
The frequency of the scheduled scan : ONCE, DAILY, WEEKLY or MONTHLY. |
|
notification |
Optional |
boolean |
A flag indicating whether email notification is enabled for scheduled scan. |
|
reschedule |
Optional |
boolean |
Set this flag to reschedule the scan. |
|
target.scannerAppliance.type |
Optional |
keyword |
The type of scanner appliance used for the scan: EXTERNAL or INTERNAL or scannerTags. |
|
target.scannerAppliance. friendlyName |
Optional |
text |
Name of the scanner appliance used for the scan. |
|
target.scannerTags.set.Tag.id |
Optional | integer |
The scanner associated with the tag (identified by the specified tag ID) is picked for the scan. |
|
target.webAppAuthRecord.id or target.webAppAuthRecord. isDefault |
Optional | integer/boolean |
Decides the authentication record to be used for the scan. target.webAppAuthRecord.id (integer): Specify the web application's authentication record ID to use the specific authentication record. target.webAppAuthRecord.isDefault (boolean): Set to true to use the default web application's authentication record for the scan. |
|
options |
Optional | keyword: ANY, ALL |
Decides which web applications should be excluded from the scan. ALL : Only the web applications associated with all the specified tags are excluded from the scan. ANY : Only the web applications associated with any of the specified tags are excluded from the scan. |
|
proxy.id |
Optional | integer |
The proxy for scanning the target web application. Example: <proxy> <id>12345</id> </proxy> |
|
dnsOverride.id |
Optional | integer |
The DNS override record for scanning the target web application. Example: <dnsOverride> <id>67890</id> </dnsOverride> |
|
cancelOption |
Optional | keyword: DEFAULT, SPECIFIC |
Set to DEFAULT - Forces the use of the target web app’s cancelScans option if set, else fall back to the one passed in to the API while launching the scan. set to SPECIFIC - Always use the cancel scan option passed while launching the scan. |
|
sendMail |
Optional | boolean |
Set to false to disable scan complete email notifications. Example:<sendMail>false</sendMail> |
|
sendMailFromAddressOption |
Optional |
Identifies the sender of the scan complete notifications. The valid values are: QUALYS_SUPPORT and OWNER. OWNER means the user whose account is used to create the schedule. Example:<sendMailFromAddressOption>QUALYS_ SUPPORT</sendMailFromAddressOption> Example:<sendMailFromAddressOption>OWNER </sendMailFromAddressOption>
To set this parameter, the sendMail parameter must be set to true. If the sendMail parameter is true, then sendMailFromAddressOption is by default set to QUALYS_SUPPORT. You can change the value of the parameter to OWNER. |
1 The element target must have at least tags or web applications specified.
2 The element profile (text) is required unless the target has a default option profile.
Let us create a new web application called “My Web Application” that has the starting URL “http://mywebapp.com”. The default web application settings are assigned automatically.
API request
curl -u "USERNAME:PASSWORD" -H "content-type: text/xml" -X "POST" --data-binary @-
"<qualys_base_url>/qps/rest/3.0/create/was/wasscanschedule" < file.xml
Note: “file.xml” contains the request POST data.
Request POST data
<ServiceRequest>
<data>
<WasScanSchedule>
<name>
<![CDATA[Create Schedule from API3 - using Reschedule]]>
</name>
<type>VULNERABILITY</type>
<active>false</active>
<scheduling>
<cancelAfterNHours>8</cancelAfterNHours>
<startDate>2017-09-06T09:50:11Z</startDate>
<timeZone>
<code>America/Vancouver</code>
<offset>-07:00</offset>
</timeZone>
<occurrenceType>WEEKLY</occurrenceType>
<occurrence>
<weeklyOccurrence>
<everyNWeeks>2</everyNWeeks>
<occurrenceCount>20</occurrenceCount>
<onDays>
<WeekDay>SATURDAY</WeekDay>
<WeekDay>SUNDAY</WeekDay>
</onDays>
</weeklyOccurrence>
</occurrence>
</scheduling>
<notification>
<active>true</active>
<reschedule>true</reschedule>
<delay>
<nb>1</nb>
<scale>DAY</scale>
</delay>
<message>
<![CDATA[A Qualys scan is scheduled to start soon.]]>
</message>
</notification>
<target>
<webApp>
<id>1296335669</id>
</webApp>
<webAppAuthRecord>
<id>175535669</id>
</webAppAuthRecord>
</target>
<profile>
<id>712265669</id>
</profile>
</WasScanSchedule>
</data>
</ServiceRequest>
XML response
<?xml version="1.0" encoding="UTF-8"?>
<ServiceResponse xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:noNamespaceSchemaLocation="<qualys_base_url>/qps/xsd/3.0/was/wasscanschedule.xsd">
<responseCode>SUCCESS</responseCode>
<count>1</count>
<data>
<WasScanSchedule>
<id>203285669</id>
<name>
<![CDATA[Create Schedule from API3 - using Reschedule]]>
</name>
<owner>
<id>8792415669</id>
<username>joe_user</username>
<firstName>
<![CDATA[Customer_2.6_1]]>
</firstName>
<lastName>
<![CDATA[pocm]]>
</lastName>
</owner>
<active>false</active>
<type>VULNERABILITY</type>
<target>
<webApp>
<id>1296335669</id>
<name>
<![CDATA[My Web Application]]>
</name>
<url>
<![CDATA[http://10.10.26.238]]>
</url>
</webApp>
<webAppAuthRecord>
<id>175535669</id>
<name>
<![CDATA[AR1]]>
</name>
</webAppAuthRecord>
<scannerAppliance>
<type>EXTERNAL</type>
</scannerAppliance>
</target>
<profile>
<id>712265669</id>
<name>
<![CDATA[Initial WAS Options]]>
</name>
</profile>
<scheduling>
<startDate>2017-09-06T09:50:00Z</startDate>
<timeZone>
<code>America/Vancouver</code>
<offset>-07:00</offset>
</timeZone>
<occurrenceType>ONCE</occurrenceType>
<cancelAfterNHours>8</cancelAfterNHours>
</scheduling>
<notification>
<active>true</active>
<reschedule>true</reschedule>
<delay>
<nb>1</nb>
<scale>DAY</scale>
</delay>
<message>
<![CDATA[A Qualys scan is scheduled to start soon.]]>
</message>
</notification>
<launchedCount>0</launchedCount>
<createdDate>2017-08-27T22:30:59Z</createdDate>
<createdBy>
<id>8792415669</id>
<username>john_doe</username>
<firstName>
<![CDATA[Customer_2.6_1]]>
</firstName>
<lastName>
<![CDATA[doe]]>
</lastName>
</createdBy>
<updatedDate>2017-08-27T22:31:00Z</updatedDate>
<updatedBy>
<id>8792415669</id>
<username>user_john</username>
<firstName>
<![CDATA[John]]>
</firstName>
<lastName>
<![CDATA[Smith]]>
</lastName>
</updatedBy>
<sendMail>true</sendMail>
<sendOneMail>true</sendOneMail>
</WasScanSchedule>
</data>
</ServiceResponse>
Create a new vulnerability scan schedule on web app ID 2376281 and set the cancel scan option to SPECIFIC. Scans launched from this schedule will always use the cancel scan option passed with the schedule settings and will override the target web app’s cancel scan setting, if set.
API request
curl -u "USERNAME:PASSWORD" -H "content-type: text/xml" -X "POST" --data-binary @-
"<qualys_base_url>/qps/rest/3.0/create/was/wasscanschedule" < file.xml
Note: “file.xml” contains the request POST data.
Request POST data
<ServiceRequest>
<data>
<WasScanSchedule>
<name>
<![CDATA[My Scan Schedule]]>
</name>
<type>VULNERABILITY</type>
<scheduling>
<cancelAfterNHours>7</cancelAfterNHours>
<startDate>2017-09-30T13:11:00Z</startDate>
<timeZone>
<code>America/Dawson</code>
</timeZone>
<occurrenceType>ONCE</occurrenceType>
</scheduling>
<target>
<webApp>
<id>2376281</id>
</webApp>
<scannerAppliance>
<type>EXTERNAL</type>
</scannerAppliance>
<cancelOption>SPECIFIC</cancelOption>
</target>
<profile>
<id>332147</id>
</profile>
</WasScanSchedule>
</data>
</ServiceRequest>
XML response
<?xml version="1.0" encoding="UTF-8"?>
<ServiceResponse xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="<qualys_base_url>/qps/xsd/3.0/was/wasscanschedule.xsd">
<responseCode>SUCCESS</responseCode>
<count>1</count>
<data>
<WasScanSchedule>
<id>325624</id>
<name>
<![CDATA[My Scan Schedule]]>
</name>
<owner>
<id>2086786</id>
<username>user_john</username>
<firstName>
<![CDATA[John]]>
</firstName>
<lastName>
<![CDATA[Doe]]>
</lastName>
</owner>
<active>true</active>
<type>VULNERABILITY</type>
<target>
<webApp>
<id>2376281</id>
<name>
<![CDATA[My Web App]]>
</name>
<url>
<![CDATA[http://10.10.26.238]]>
</url>
</webApp>
<scannerAppliance>
<type>EXTERNAL</type>
</scannerAppliance>
<cancelOption>SPECIFIC</cancelOption>
</target>
<progressiveScanning>DEFAULT</progressiveScanning>
<profile>
<id>332147</id>
<name>
<![CDATA[10 links]]>
</name>
</profile>
<scheduling>
<startDate>2017-09-30T13:11:00Z</startDate>
<timeZone>
<code>America/Dawson</code>
<offset>-07:00</offset>
</timeZone>
<occurrenceType>ONCE</occurrenceType>
<cancelAfterNHours>7</cancelAfterNHours>
</scheduling>
<notification>
<active>false</active>
</notification>
<nextLaunchDate>2017-09-30T20:11:00Z</nextLaunchDate>
<launchedCount>0</launchedCount>
<createdDate>2017-06-26T20:54:30Z</createdDate>
<createdBy>
<id>2086786</id>
<username>user_john</username>
<firstName>
<![CDATA[John]]>
</firstName>
<lastName>
<![CDATA[Doe]]>
</lastName>
</createdBy>
<updatedDate>2017-06-26T20:54:30Z</updatedDate>
<updatedBy>
<id>2086786</id>
<username>user_john</username>
<firstName>
<![CDATA[John]]>
</firstName>
<lastName>
<![CDATA[Doe]]>
</lastName>
</updatedBy>
<sendMail>true</sendMail>
<sendOneMail>false</sendOneMail>
</WasScanSchedule>
</data>
</ServiceResponse>
Let us schedule a discovery scan on the web application and assign the pool of scanners using the asset tag ID.
API request
curl -u "USERNAME:PASSWORD" -H "content-type: text/xml" -X "POST" --data-binary @-"<qualys_base_url>/qps/rest/3.0/create/was/wasscanschedule"< file.xml
Note: “file.xml” contains the request POST data.
Request POST data
<ServiceRequest>
<data>
<WasScanSchedule>
<name>
<![CDATA[Scheduled Scan With Pool of Internal Scanners]>
</name>
<type>VULNERABILITY</type>
<active>false</active>
<scheduling>
<cancelAfterNHours>10</cancelAfterNHours>
<startDate>2017-01-10T13:55:35Z</startDate>
<timeZone>
<code>Europe/Istanbul</code>
<offset>+02:00</offset>
</timeZone>
<occurrenceType>ONCE</occurrenceType>
</scheduling>
<notification>
<active>false</active>
</notification>
<target>
<webApp>
<id>522066</id>
</webApp>
<scannerTags>
<set>
<Tag>
<id>15415353311147</id>
</Tag>
</set>
</scannerTags>
</target>
<profile>
<id>53483</id>
</profile>
</WasScanSchedule>
</data>
</ServiceRequest>
XML response
<?xml version="1.0" encoding="UTF-8"?>
<ServiceResponse xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="<qualys_base_url>/qps/xsd/3.0/was/wasscanschedule.xsd">
<responseCode>SUCCESS</responseCode>
<count>1</count>
<data>
<WasScanSchedule>
<id>141147</id>
<name>
<![CDATA[Scheduled Scan With Pool of Internal Scanners]]>
</name>
<owner>
<id>1056860</id>
<username>user_john</username>
<firstName>
<![CDATA[John]]>
</firstName>
<lastName>
<![CDATA[Doe]]>
</lastName>
</owner>
<active>false</active>
<multi>false</multi>
<type>VULNERABILITY</type>
<target>
<webApp>
<id>522065</id>
<name>
<![CDATA[My Web Application]]>
</name>
<url>
<![CDATA[http://mywebapp.com]]>
</url>
</webApp>
<scannerTags>
<set>
<Tag>
<id>8461819</id>
</Tag>
</set>
</scannerTags>
</target>
<progressiveScanning>DEFAULT</progressiveScanning>
<profile>
<id>194283</id>
<name>
<![CDATA[Initial WAS Options]]>
</name>
</profile>
<scheduling>
<startDate>2017-01-10T13:55:00Z</startDate>
<timeZone>
<code>Europe/Istanbul</code>
<offset>+02:00</offset>
</timeZone>
<occurrenceType>ONCE</occurrenceType>
<cancelAfterNHours>10</cancelAfterNHours>
</scheduling>
<notification>
<active>false</active>
<reschedule>false</reschedule>
</notification>
<launchedCount>0</launchedCount>
<createdDate>2017-01-12T11:54:07Z</createdDate>
<createdBy>
<id>1056860</id>
<username>user_john</username>
<firstName>
<![CDATA[John]]>
</firstName>
<lastName>
<![CDATA[Doe]]>
</lastName>
</createdBy>
<updatedDate>2017-01-12T11:54:09Z</updatedDate>
<updatedBy>
<id>1056860</id>
<username>user_john</username>
<firstName>
<![CDATA[John]]>
</firstName>
<lastName>
<![CDATA[Doe]]>
</lastName>
</updatedBy>
<sendMail>true</sendMail>
<sendOneMail>false</sendOneMail>
</WasScanSchedule>
</data>
</ServiceResponse>
The user will be able to set progressiveScanning to ENABLED, DISABLED or DEFAULT, if progressiveScanning is enabled for the subscription. If this option is not set for a new schedule, the value DEFAULT is used.
API request
curl -u "USERNAME:PASSWORD" -H "content-type: text/xml" -X "POST" --data-binary @-"<qualys_base_url>/qps/rest/3.0/create/was/wasscanschedule"< file.xml
Note: “file.xml” contains the request POST data.
Request POST data
<ServiceRequest>
<data>
<WasScanSchedule>
<name>
<![CDATA[Schedule with enabled progressiveScanning]]>
</name>
<type>VULNERABILITY</type>
<active>false</active>
<scheduling>
<startDate>2019-01-30T12:40:27Z</startDate>
<timeZone>
<code>Asia/Kolkata</code>
<offset>+05:30</offset>
</timeZone>
<occurrenceType>ONCE</occurrenceType>
</scheduling>
<notification>
<active>true</active>
<delay>
<nb>1</nb>
<scale>DAY</scale>
</delay>
<message>
<![CDATA[A scan is scheduled to start soon.]]>
</message>
</notification>
<target>
<webApps>
<set>
<WebApp>
<id>8389207</id>
</WebApp>
</set>
</webApps>
<scannerAppliance>
<type>EXTERNAL</type>
</scannerAppliance>
</target>
<progressiveScanning>ENABLED</progressiveScanning>
<profile>
<id>53483</id>
</profile>
</WasScanSchedule>
</data>
</ServiceRequest>
XML response
<?xml version="1.0" encoding="UTF-8"?>
<ServiceResponse
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="<qualys_base_url>/qps/xsd/3.0/was/wasscanschedule.xsd">
<responseCode>SUCCESS</responseCode>
<count>1</count>
<data>
<WasScanSchedule>
<id>8831789</id>
<name>
<![CDATA[Schedule with enabled progressiveScanning]]>
</name>
<owner>
<id>1056860</id>
<username>user_john</username>
<firstName>
<![CDATA[John]]>
</firstName>
<lastName>
<![CDATA[Doe]]>
</lastName>
</owner>
<active>false</active>
<multi>false</multi>
<type>VULNERABILITY</type>
<target>
<webApp>
<id>8389207</id>
<name>
<![CDATA[My Web Application]]>
</name>
<url>
<![CDATA[http://mywebapp.com]]>
</url>
</webApp>
<scannerAppliance>
<type>EXTERNAL</type>
</scannerAppliance>
</target>
<progressiveScanning>ENABLED</progressiveScanning>
<profile>
<id>53483</id>
<name>
<![CDATA[Scan OP]]>
</name>
</profile>
<scheduling>
<startDate>2019-01-30T12:40:00Z</startDate>
<timeZone>
<code>Asia/Kolkata</code>
<offset>+05:30</offset>
</timeZone>
<occurrenceType>ONCE</occurrenceType>
</scheduling>
<notification>
<active>true</active>
<reschedule>false</reschedule>
<delay>
<nb>1</nb>
<scale>DAY</scale>
</delay>
<message>
<![CDATA[A scan is scheduled to start soon.]]>
</message>
</notification>
<launchedCount>0</launchedCount>
<createdDate>2019-02-26T07:17:22Z</createdDate>
<createdBy>
<id>1056860</id>
<username>user_john</username>
<firstName>
<![CDATA[John]]>
</firstName>
<lastName>
<![CDATA[Doe]]>
</lastName>
</createdBy>
<updatedDate>2019-02-26T07:17:22Z</updatedDate>
<updatedBy>
<id>1056860</id>
<username>user_john</username>
<firstName>
<![CDATA[John]]>
</firstName>
<lastName>
<![CDATA[Doe]]>
</lastName>
</updatedBy>
<sendMail>true</sendMail>
<sendOneMail>false</sendOneMail>
<enableWAFAuth>false</enableWAFAuth>
</WasScanSchedule>
</data>
</ServiceResponse>
If Progressive Scanning is not enabled for the subscription, the progressiveScanning element cannot be provided, otherwise, an error will be returned.
XML response (error)
<?xml version="1.0" encoding="UTF-8"?>
<ServiceResponse xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="<qualys_base_url>/qps/xsd/3.0/was/wasscanschedule.xsd">
<responseCode>INVALID_REQUEST</responseCode>
<responseErrorDetails>
<errorMessage>Progressive scanning is not enabled in your subscription.</errorMessage>
<errorResolution>Please check with your account manager to enable this option.</errorResolution>
</responseErrorDetails>
</ServiceResponse>
<platform API server>/qps/xsd/3.0/was/wasscanschedule.xsd