Versions Compared

Old Version 1

changes.mady.by.user Nathan O'Hare

Saved on

compared with

New Version Current

changes.mady.by.user Jonathan Bellard

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

This article describes how to configure Prism the platform to import Technical Reports from Qualys VM. The details below describe how Prism the platform can automatically retrieve Technical Reports from Qualys VM.

Table of Contents

Introduction

The Prism Platform’s API support for Qualys VM allows scan results to be retrieved on a ‘per-scan’ basis, or ‘per Technical Report’ basis.

When Technical Reports have been created in Qualys VM, Prism the platform can use the Qualys API to enumerate these Technical Reports and retrieve the report’s underlying XML data.

...

Please refer to the following article the describes the type of Technical Reports that Prism the platform supports:

Supported XML Formats from Qualys VM & WAS

...

Technical Reports in Qualys must be identified to Prism the platform by their Report Title. This is necessary so that Prism the platform can periodically connect to the Qualys API, enumerate Technical Reports and retrieve the reelvant relevant report with a [partially/fully] matching name:

...

In Prism, an Auto Import rule must be defined where the “Scan Identifier” field contains a value that partially/fully matches the Report Title from Qualys VM:

Note

WARNING: If multiple reports exist in Qualys VM, use a suitable Report Title naming scheme that ensures only the intended Qualys VM report is identified and retrieved by Prism. If the “Scan Identifier” value in Prism the platform should match more than one Qualys VM report, this will prevent Prism the platform from importing the correct results. In the example below, the full Report Title in Qualys VM has been used.

...

Please ensure you then click “Save” in the project’s settings to commit the settings to Prism the platform properly:

...

Once saved, Prism the platform will not periodically query the Qualys VM API and identify when new Technical Reports, that matched the given criteria, are available.

Note

Existing Technical Reports in Qualys VM that were generated beforehand will NOT be imported. Prism The platform will only look for new Technical Reports after the project’s Auto-Import settings have been defined and the project has been saved.