WIXLIB

Asset Management & Tagging APIUser GuideVersion 3.6.1May 28, 2021

Qualys Asset Management & Tagging APITable of ContentsGet Started . 6Asset Management & Tagging API. 6Qualys user account .7URL to Qualys API server . 8Making API calls . 10Tracking API usage by user. 14Available operators . 16JSON Support . 17Know your portal version. 21Tags . 23Create Tag . 23Update Tag . 26Search Tags . 29Count Tags . 32Delete Tag . 34Evaluate Tag (Deprecated) . 36List Users with their tags . 38Tag Fields . 42Get Tag Info .44Host Assets . 46Get Host Asset Info . 46Create Host Asset . 60

Qualys Asset Management & Tagging APIUpdate Host Asset . 69Search Host Assets . 75Count Host Assets . 98Delete Host Asset. 101Activate Host Asset. 103Host Asset Fields . 108Assets.113Get Asset Info .113Update Asset . 119Search Assets . 124Count Assets . 127Delete Asset . 129Activate Asset .131Asset Fields . 140Host Instance Vulnerability data . 142Get Vulnerability Info . 142Search Vulnerabilities . 144Count Vulnerabilities . 148Host Instance Vulnerability Fields . 150Asset Data Connector .152Get Connector Info .152Update Connector . 154Search Connectors . 158

Qualys Asset Management & Tagging APICount Connectors . 161Delete Connector . 163Run Connector . 165Connector Fields . 168AWS Asset Data Connector . 170Get AWS Connector Info . 170Create AWS Connector . 174Support for AWS GovCloud . 183Support for China Region . 186Support for Cross-Account Role Authentication . 189Update AWS Connector . 193Search AWS Connectors . 199Count AWS Connectors . 204Delete AWS Connector. 206Run AWS Connector . 208AWS Connector Fields . 209AWS Authentication Record . 212Get AWS Auth Record Info . 212Create AWS Auth Record . 214Update AWS Auth Record . 216Search AWS Auth Records .218Count AWS Auth Records . 221Delete AWS Auth Record . 223

Qualys Asset Management & Tagging APIAWS Auth Record Fields . 225Azure Asset Data Connector . 226Get Azure Connector Info . 226Create Azure Connector . 229Update Azure Connector . 232Search Azure Connectors . 234Delete Azure Connector .238

Qualys Asset Management & Tagging APIGet StartedGet StartedAsset Management & Tagging APIManage assets in your account that you want to scan for security andcompliance, define asset tags and AWS connectors.Modules supportedVM, PC, SCA, CERTVIEW, CLOUDVIEWAuthenticationAuthentication to your Qualys account with valid Qualys credentials isrequired for making Qualys API requests to the Qualys API servers. Learnmore about authentication to your Qualys accountGet API NotificationsWe recommend you join our Community and subscribe to our APINotifications RSS Feeds for announcements and /developer/notifications-apiAbout QualysQualys, Inc. (NASDAQ: QLYS) is a pioneer and leading provider of cloudbased security and compliance solutions. The Qualys Cloud Platform and itsintegrated Cloud Apps deliver businesses critical security intelligencecontinuously, enabling them to automate the full spectrum of auditing,compliance and protection for IT systems and web applications on premises,on endpoints and elastic clouds. For more information, please visitwww.qualys.comQualys and the Qualys logo are proprietary trademarks of Qualys, Inc. Allother products or names may be trademarks of their respective companies6

Qualys Asset Management & Tagging APIGet StartedQualys user accountAuthentication to your Qualys account with valid Qualys credentials isrequired for making Qualys API requests to the Qualys API servers.The application must authenticate using Qualys account credentials (username and password) as part of the HTTP request. The credentials aretransmitted using the “Basic Authentication Scheme” over HTTPS.For information, see the “Basic Authentication Scheme” section of RFC #2617:http://www.faqs.org/rfcs/rfc2617.htmlThe exact method of implementing authentication will vary according towhich programming language is used.The allowed methods, POST and/or GET, for each API request aredocumented with each API call in this user guide.Sample request - basic authenticationcurl -u s/rest/2.0/count/am/hostasset7

Qualys Asset Management & Tagging APIGet StartedURL to Qualys API serverQualys maintains multiple Qualys Cloud Platforms. The API server URL thatyou should use for API requests depends on the platform where your Qualysaccount is located.AccountlocationAPI server URLQualys USPlatform 1https://qualysapi.qualys.comQualys USPlatform 2https://qualysapi.qg2.apps.qualys.comQualys USPlatform 3https://qualysapi.qg3.apps.qualys.comQualys EUPlatform 1https://qualysapi.qualys.euQualys EUPlatform 2https://qualysapi.qg2.apps.qualys.euQualys IndiaPlatform 1https://qualysapi.qg1.apps.qualys.inQualys PrivateCloud Platformhttps://qualysapi. customer base url Looking for your API server URL for your account? You can find this easily.Just log in to your Qualys account and go to Help About. You'll see thisinformation under Security Operations Center (SOC).8

Qualys Asset Management & Tagging APIGet Started9

Qualys Asset Management & Tagging APIGet StartedMaking API callsCurl samples in our API docWe use curl in our API documentation to show an example how to form RESTAPI calls, and it is not meant to be an actual production example ofimplementation.Object typesYou have core objects, which represent domain objects for specific businessgoals and related objects which contain related information or collections ofinformation. Related objects are often simplified representations of coreobjects but are not implicitly core objects. For example, the tags collection onAsset is a simpler form of the Tag core object, but the ports collection is not.CollectionsCollections of related objects are found within a container object called aQList. These lists will have a specific name for the type of objects theycontain. For example, the tags collection Asset is a TagSimpleQList and willread and write TagSimple API objects. These lists can contain a number of subelements.count - (Read only) The total number of items returned in the list elementlist - (Read only) The items contained in the collection on the serverset - A new collection of items to place in the server side object. Any existingitems not in the list provided will be discarded.add - A new item to be added to the server side object. The item may bekeyed of one ore more fields depending on the collection. In the even thatthat an item in the add collection collides with an existing entry, the existingentry will be updated with the fields provided. Many collections will allow youto either associate an existing item with the targeted collection, or create anew one and add it to the collection. If you provide a key field, most often idor uuid, the object will be looked up and associated. In the absence of thesefields, a new object will be created (if the list allows it).10

Qualys Asset Management & Tagging APIGet Startedremove - Removes an element from the list by the collections key, usually id.If the item does not exist, the entry will be ignored. Additional fields beyondthe item key will also be ignored.update - Updates item(s) in the collection. This allows you to update the fieldsof non-core items via the objects and reference them. Items will be resolvedby the collection’s key, and then additional fields applied to the found object.In the event that the supplied item does not match an existing related object,it will be ignored.Whitespace in HTML tagsWhitespace (which includes line breaks) is not allowed in XML tags that arenumbers.Invalid tag - This syntax will not work id 34234 /id Valid tag - This syntax will work just fine id 345254 /id PaginationSome API actions will return a list of core objects but will limit the numberreturned (default is 100). You can change which objects are returned and thenumber of objects by specifying a preferences tag in the POST body of yourrequest.Preferences tag fields:startFromOffset - The first item to return by index. The default is 1.startFromId - The first item to return by primary key. No default value.limitResults - The total number of items to return. The default is 100.11

Qualys Asset Management & Tagging APIGet StartedThe allowed methods, POST and/or GET, for each API request aredocumented with each API call in this user guide.Sample pagination settings ?xml version "1.0" encoding "UTF-8" ? ServiceRequest preferences startFromOffset 100 /startFromOffset limitResults 50 /limitResults /preferences /ServiceRequest Limit your resultsUse the optional “fields” parameter for any Search or Get API request to limitthe amount of information returned in the results. Simply specify the fieldsyou want to include in the output, and all other information will be filtered out.Multiple fields are comma separated and wildcards are supported.This get request will fetch tag ID 12345 and return the tag ID, name andcreation date:Sample limit et/am/tag/12345?fields id,name,createdThis search request will return the ID of the connector and the ID of anydefault tags attached to the connector:Sample search 0/search/am/awsassetdataconnector?fields id,defaultTags.list.SimpleTag.idUsing wildcards, the example above could be represented as:Sample search connectors using wildcards12

Qualys Asset Management & Tagging APIGet earch/am/awsassetdataconnector?fields id,defaultTags.*.*.iddSimpleTag.id13

Qualys Asset Management & Tagging APIGet StartedTracking API usage by userYou can track API usage by a user without the need to provide usercredentials such as the username and password.Optional X-Powered-By headerAPI usage can be tracked using the X-Powered-By HTTP header whichincludes a unique ID generated for each subscription and a unique IDgenerated for each user. Once enabled, the X-Powered-By HTTP header isreturned for each API request made by a user. The X-Powered-By HTTPheader will be returned for both valid and invalid requests. However, it will notbe returned if an invalid URL is hit or when user authentication fails.Contact Qualys Support to get the X-Powered-By HTTP header enabled.The X-Powered-By header is returned in the following format:X-Powered-By: Qualys: POD ID : SUB UUID : USER UUID where,- POD ID is the shared POD or a PCP. Shared POD is USPOD1, USPOD2, etc.- SUB UUID is the unique ID generated for the subscription- USER UUID is the unique ID generated for the user. You can use theUSER UUID to track API usage per user.Sample X-Powered-By headerX-Powered-By: 8:06198167-43f3-7591-802a-1c400a0e81b1Sample outputsHere are sample outputs showing the X-Powered-By HTTP header.Sample output for VM, PC14

Qualys Asset Management & Tagging APIGet Started. HTTP/1.1 200 OK Date: Thu, 14 Sep 2017 09:11:21 GMT Server: Qualys X-XSS-Protection: 1 X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-Powered-By: 178af1e-4049-7fce-81ca-75584feb8e93 X-RateLimit-Limit: 300 X-RateLimit-Window-Sec: 3600 X-Concurrency-Limit-Limit: 500 X-Concurrency-Limit-Running: 0 X-RateLimit-ToWait-Sec: 0 X-RateLimit-Remaining: 298 X-Qualys-Application-Version: QWEB-8.11.0.0SNAPSHOT20170914072818#4205 X-Server-Virtual-Host: qualysapi.qualys.com X-Server-Http-Host: qualysapi.qualys.com Transfer-Encoding: chunked Content-Type: text/xml;charset UTF-8.Sample output for other Qualys apps.229HTTP/1.1 200 OKX-Powered-By: : application/xmlTransfer-Encoding: chunkedDate: Mon, 04 Dec 2017 05:36:29 GMTServer: ApacheLBDEBUG: NS 10.44.1.12,SERVER 10.44.77.81:50205,CSW cs-p04qualysapi443,VSERVER vs-p04-papi-80,ACTIVE-SERVICES 2,HEALTH 100.15

Qualys Asset Management & Tagging APIGet StartedAvailable operatorsOper

Apr 26, 2021 · list - (Read only) The items contained in the collection on the server . set - A new collection