This directory contains Qualys community open source scripts. The sample code demonstrates the functionality of the QualysGuard API. Several sample scripts are provided to show how to use API features to perform network security audits and vulnerability management.
These scripts are unsupported and are provided as proof-of-concept only.Scripts options and details are availalable via --help.
Note, that if you account is setup on a different platform you may need to edit the script and change the FQDN via hard coded variables or via a run time parameter (e.g. --serverurl=) from qualsapi.qualys.com to one of the following:
| Platform Name | URL |
|---|---|
| Qualys US Platform 1 | https://qualysguard.qualys.com |
| Qualys US Platform 1 - API Gateway (FIM, IOC, ITAM) | https://gateway.qg1.apps.qualys.com |
| Qualys US Platform 2 | https://qualysguard.qg2.apps.qualys.com |
| Qualys US Platform 3 | https://qualysguard.qg3.apps.qualys.com |
| Qualys US Platform 4 | https://qualysguard.qg4.apps.qualys.com |
| Qualys EU Platform 1 | https://qualysguard.qualys.eu |
| Qualys EU Platform 1 - API Gateway (FIM, IOC, ITAM) | https://gateway.qg1.apps.qualys.eu |
| Qualys EU Platform 2 | https://qualysapi.qg2.apps.qualys.eu |
| Qualys India Platform 1 | https://qualysguard.qg1.apps.qualys.in |
| Qualys Private Cloud Platform | https://qualysapi.<customer_base_url> |
Returns the version ID strings for the QualysGuard MSP API, the web application, scanner software, and vulnerability signatures.
This script demonstrates how to accept the Qualys Service End User License Agreement (EULA) on behalf of a customer.
This script adds asset IP addresses to a QualysGuard subscription by importing the assets from a CSV file.
Performs synchronization (of sorts) with Active Directory.
This script totals the severity levels for vulnerabilities detected by a QualysGuard scan and calculates a total score. This score can be calculated from an existing scan, or from running a scan. This base score is compared to the most recent score for the same IP address range, if one exists, and the difference is reported.
A script to get a CSV of all the CVEs currently covered in our KB.
Download a QualysGuard report based on a report template.
Demonstrates how to interact with the QualysGuard network map functions including: Launch a map, launch a map and save the report on the QualysGuard server, list saved map reports, retrieve a saved map report, list maps in progress, and cancel a running map.
Demonstrates how to interact with the QualysGuard scan functions including: Launch a scan, launch a scan and save the report on the QualysGuard server, list saved scan reports, retrieve a saved scan report, list scans in progress, and cancel a running scan.
Generates a list of all installed software in the environment.
Gets more detailed statistics on the KB, including counts by category, total Bugtraq items, etc.
Gets the last scan time and scanner for the specified IP.
Find all assets not scanned within a number of days specified and add them to a group.
Gets traceroute information for specified asset groups and timeframe and calculates useful stats.
Downloads the QID, name, and CVSS base score of all PCI vulnerabilities in the KB (those that will cause a PCI failure).
A poor man's "Open Ports and Services" report.
Purges the automatic data for all hosts not scanned since a particular date/in XX days.
Output the complete scanner details as they are available in the GUI.
This script demonstrates how to interact with scan service options. The following options may be set: Scan dead hosts, ports to scan, and scan hosts behind a load balancer.
Downloads scheduled tasks and look for sub-optimal scanner loads.
A script to parse the results of QID 45038 (Host Scan Time) and calculate the average scan time. It will also call out the IP and OS of systems that take abnormally long.
This script demonstrates how to define scan or map tasks to occur on a regular basis -- daily, weekly, or monthly.
This script, like vulnsummary, demonstrates how to connect to the QualysGuard API, and how to extract and display data from the scan report XML document.
Qualys provides a Ticket Notification Engine (TNE) that outputs SMTP messages based on XML versions of individual tickets in QualysGuard that are consumable by Remedy ticketing systems. The TNE can also be configured to support some customization to support the receiving ticketing system.
This script adds user accounts to an existing subscription by importing user account information from a user-defined CSV file.
This script demonstrates how to connect to the QualysGuard API and how to extract vulnerability data from the scan report XML document.