Purging a web application results in the removal of the scan findings from the web application's scan history. Henceforth, the newly generated web application reports will not include findings from previously completed scans. All dates must be entered in UTC date/time format.
Permissions required - User must have WAS module enabled. User account must have these permissions: Access Permission “API Access” and WAS Asset Permission “Purge Web Asset”. The web application to be purged must be within the user’s scope.
These elements are optional and act as filters. When multiple elements are specified, parameters are combined using a logical AND. Click here for descriptions of <WebApp> elements.
Click here for available operators
|
Parameter |
Mandatory /Optional |
Data Type |
Description |
|---|---|---|---|
|
id |
Optional |
integer |
Web application ID. |
|
name |
Optional |
text |
Web application name. |
|
url |
Optional |
text |
The URL of web application. |
|
tags.name |
Optional |
text |
Tag name assigned to web application. |
|
tags.id |
Optional |
integer |
Tag ID assigned to the web application. |
|
createdDate |
Optional |
date |
The date when the web application was created in WAS, in UTC date/time format. |
|
updatedDate |
Optional |
date |
The date when the web application was last updated in WAS, in UTC date/time format. |
|
isScheduled |
Optional |
boolean |
A flag indicating whether a scan is scheduled for the web application. |
|
isScanned |
Optional |
boolean |
A flag indicating whether the web application has been scanned. |
|
lastScan.status |
Optional |
keyword |
Scan status reported by last web application scan: SUBMITTED, RUNNING, FINISHED, TIME_LIMIT_EXCEEDED, SCAN_NOT_LAUNCHED, SCANNER_NOT_AVAILABLE, ERROR or CANCELED |
|
lastScan.date |
Optional |
date |
Date when the web application was last scanned, in UTC date/time format. |
Let us purge the web application with ID 32420.
API request
curl -u "USERNAME:PASSWORD" -H "content-type: text/xml" -X "POST" <qualys_base_url>/qps/rest/3.0/purge/was/webapp/32420"
XML response
<?xml version="1.0" encoding="UTF-8"?>
<ServiceResponse
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="<qualys_base_url>/qps/xsd/3.0/was/webapp.xsd">
<responseCode>SUCCESS</responseCode>
<count>1</count>
<data>
<WebApp>
<id>32420</id>
</WebApp>
</data>
</ServiceResponse>
Let us purge web applications in the user’s account that have a name with the word “Merchant” and have an ID greater than 323000.
API request
curl -u "USERNAME:PASSWORD" -H "content-type: text/xml" -X "POST" --data-binary @-
<qualys_base_url>/qps/rest/3.0/purge/was/webapp/ < file.xml
Note: “file.xml” contains the request POST data.Request POST data
<ServiceRequest>
<filters>
<Criteria field="name" operator="CONTAINS">Merchant</Criteria>
<Criteria field="id" operator="GREATER">323000</Criteria>
</filters>
</ServiceRequest>XML response
<?xml version="1.0" encoding="UTF-8"?>
<ServiceResponse xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="<qualys_base_url>/qps/xsd/3.0/was/webapp.xsd">
<responseCode>SUCCESS</responseCode>
<count>3</count>
<data>
<WebApp>
<id>323126</id>
</WebApp>
<WebApp>
<id>324256</id>
</WebApp>
<WebApp>
<id>323476</id>
</WebApp>
</data>
</ServiceResponse><platform API server>/qps/xsd/3.0/was/webapp.xsd