Qualys host detection REST message

The Qualys Host Detection REST message makes the initial call to the Host List Detection API for the Qualys Host Detection Integration.

Changes to the REST message method record impact the request made to Qualys to retrieve Host Detection information.

The table below shows the request parameters that are sent.

Table 1. Qualys Host Detection REST Message Parameters
Parameter Name Value Description
action list Indicates the type of operation being requested.

This is a required parameter and should not be changed.

output_format XML Sets the format of the report returned by Qualys.

The various scripts and transforms assume XML, so this value should not be changed.

vm_scan_since ${lastScanDate} Retrieves data based on the last scan date. The value is a variable that is set from the integration based on the last time the integration was run.

This value should not be modified, but can be removed if you wish to retrieve all vulnerability data. NOT recommended due to thevolume of data.

truncation_limit 500 The number of hosts to retrieve data from per request. This is used for pagination purposes.

The default value is 500, but larger or smaller values can be used.

Smaller values require more calls to the Qualys API, and larger values result in larger result sets to process and potential data retrieval/processing timeouts.

status New, Fixed, Active, Re-opened Detection statuses to retrieve from Qualys.

The default is to retrieve all, but for large data pulls (often the initial pull of data), it may be beneficial to exclude Fixed from this list.

For updating vulnerabilities already in the system, including the Fixed status is important.