This article describes how to configure Prism the platform to import Technical Reports from Qualys VM. The details below describe how Prism the platform can automatically retrieve Technical Reports from Qualys VM.

Introduction

The Prism Platform’s API support for Qualys VM allows scan results to be retrieved on a ‘per-scan’ basis, or ‘per Technical Report’ basis.

When Technical Reports have been created in Qualys VM, Prism the platform can use the Qualys API to enumerate these Technical Reports and retrieve the report’s underlying XML data.

...

Please refer to the following article the that describes the type of Technical Reports that Prism supports:supported by the Platform

Supported XML Formats from Qualys VM & WAS

Configuring Auto Import in

...

Platform

During the creation of a new Project, the “Auto Import” feature must be enabled in the project’s settings. Enabling this feature presents the “Auto Importer” section where auto imports can be defined:

...

Technical Reports in Qualys must be identified to Prism the platform by their Report Title. This is necessary so that Prism the platform can periodically connect to the Qualys API, enumerate Technical Reports and retrieve the reelvant relevant report with a [partially/fully] matching name:

In Qualys VM Reports, note the Report Title of the report that is to be imported into Prismthe platform:

...

In Prismplatform, an Auto Import rule must be defined where the “Scan Identifier” field contains a value that partially/fully matches the Report Title from Qualys VM:

...

Please ensure you then click “Save” in the project’s settings to commit the settings to Prism the platform properly:

...

Once saved, Prism the platform will not periodically query the Qualys VM API and identify when new Technical Reports, that matched the given criteria, are available.