Launch VM Scan
Launch a VM scan in the user's account. The scan targets can be specified either by IP addresses or Asset Group IDs (or both).
note
One of these parameters must also be specified in a request: Scanner Names, Scanner IDs, Use Default Scanner, Use Scanners In Account Groups. When none of these are specified, External scanners are used.
Basic Parameters
| Parameter | Description |
|---|---|
| Asset Groups | A comma-separated list of the titles of asset groups containing the hosts to be scanned. |
| Excluded IPs | The IP addresses to be excluded from the scan when the scan target is specified as IP addresses. Both individual IP addresses and ranges are supported. Multiple entries are comma separated. |
| Fqdn | A comma-separated list of target Fully Qualified Domain Names (FQDNs) for a vulnerability scan. Must specify at least one target: an IP, asset group, or FQDN. - DNS Tracking must be enabled for the subscription. A Manager user can enable this feature in the Qualys UI by going to Scans > Setup > DNS Tracking and checking the “Enable DNS Tracking for hosts” option. |
| IPs | A comma-separated list of the IP addresses to be scanned. Both individual IP addresses and ranges are supported. |
| Include Agent Targets | Check this box when the scan target includes agent hosts. This lets the user scan private IPs where agents are installed when these IPs are not in the VM/PC license. Supported capabilities - This parameter is supported for internal scans using scanner appliance(s). This option is not supported for scans using External scanners. - This parameter is supported when launching on demand scans only. It is not supported for scheduled scans. Parameter Scanner IDs or Scanner Names must be specified in the same request, otherwise this parameter will be ignored. |
| Option Profile Title | The title of option profile to be used. |
| Scan Title | The scan title. This can be a maximum of 2000 characters (ascii). |
| Scanner IDs | A comma-separated list of the IDs of the scanner appliances to be used. For an Express Lite user, Internal Scanning must be enabled in the user's account. One of these parameters must also be specified in a request: Scanner Names, Scanner IDs, Use Default Scanner, Use Scanners In Account Groups. When none of these are specified, External scanners are used. |
| Scanner Names | A comma-separated list of the friendly names of the scanner appliances to be used or "External" for external scanners. For an Express Lite user, Internal Scanning must be enabled in the user's account. One of these parameters must also be specified in a request: Scanner Names, Scanner IDs, Default Scanner, Use Scanners In Account Groups. When none of these are specified, External scanners are used. |
| Use Default Scanner | Check to use the default scanner in each target asset group. For an Express Lite user, Internal Scanning must be enabled in the user's One of these parameters must also be specified in a request: Scanner Names, Scanner IDs, Use Default Scanner, Use Scanners In Account Groups. When none of these are specified, External scanners are used. |
| Use Scanners In Account Groups | Check to use scanners according to the specified Account Groups. Appliances in each asset group are tasked with scanning the IPs in the group. This parameter is only valid when the scan target is specified using one of these parameters: asset_groups, asset_group_ids, otherwise it will be ignored. By default up to 5 appliances per group will be used and this can be configured for the account (please contact the Account Manager or Support). For an Express Lite user, Internal Scanning must be enabled in the user's account. One of these parameters must also be specified in a request: Scanner Names, Scanner IDs, Use Default Scanner, Use Scanners In Account Groups. When none of these are specified, External scanners are used. |
| Use Scanners In Network | Check to distribute the scan to all scanner appliances in the network. |
Advanced Parameters
| Parameter | Description |
|---|---|
| Client ID | ID assigned to the client (Consultant type subscription only). Parameter Client ID or Client Name may be specified for the same request. |
| Client Name | Name of the client (Consultant type subscriptions only). Parameter Client ID or Client Name may be specified for the same request. |
| Disable XML To JSON Auto Convert | When checked, XML responses are not automatically converted into JSON format. |
| IP Network ID | Valid only when the Network Support feature is enabled for the user's account - The ID of a network used to filter the IPs/ranges specified in the "ip" parameter. Set to a custom network ID (note this does not filter IPs/ranges specified in parameters asset_groups or asset_group_ids). Set to "0" or leave empty for the Global Default Network - this is used to scan hosts outside of the account's custom networks. |
| Priority | Specify a value of 0 - 9 to set a processing priority level for the scan. When not specified, a value of 0 (no priority) is used. Valid values are: 0 = No Priority (the default), 1 = Emergency, 2 = Ultimate, 3 = Critical, 4 = Major, 5 = High, 6 = Standard, 7 = Medium, 8 = Minor, 9 = Low. |
| Runtime Http Header | Set a custom value in order to drop defenses (such as logging, IPs, etc) when an authorized scan is being run. The value entered will be used in the "Qualys-Scan:" header that will be set for many CGI and web application fingerprinting checks. Some discovery and web server fingerprinting checks will not use this header. |
Example Output
{
"SIMPLE_RETURN": {
"RESPONSE": {
"DATETIME": "2018-01-15T21:32:40Z",
"TEXT": "New vm scan launched",
"ITEM_LIST": {
"ITEM": [
{
"KEY": "ID",
"VALUE": 136992
},
{
"KEY": "REFERENCE",
"VALUE": "scan/1358285558.36992"
}
]
}
}
}
}
Workflow Library Example
Launch Vm Scan with Qualys and Send Results Via Email
Preview this Workflow on desktop