Qualys API Quick Reference Guide
Vulnerability Management and Policy Compliance API
8
ids={id,range…}&
id_min={id}&
id_max={id}&
Authentication Record by Type List
/api/2.0/fo/auth/{type}/
where {type} is one of: unix, windows, oracle,
oracle_listener, snmp, ms_sql, neo4j, ibm_db2,
vmware, vcenter, http, apache, ms_iis,
ibm_websphere, mysql, tomcat, oracle_weblogic,
mongodb, mariadb, palo_alto_firewall, jboss,
kubernetes, sapiq, sap_hana, nginx
List Records by Type: (GET + POST)
action
={list}&
Notes
: Same optional parameters as for
authentication records list (all types) plus:
details={Basic
|All|None}&
Authentication Records
/api/2.0/fo/auth/<type>/
where <type> is one of: unix (for Unix, Cisco,
Checkpoint Firewall), windows, oracle,
oracle_listener, snmp, vmware, vcenter, apache,
ms_iis, ibm_websphere, http, mysql, ms_sql,
docker, postgresql, sybase, tomcat, mongodb,
mariadb, palo_alto_firewall, jboss, kubernetes,
sapiq, sap_hana, network_ssh, neo4j, nginx,
informixDB, infoblox,
Manage Records: (GET + POST)
action
={create|update|delete}&
title
={value}&
ids
={id,range…}&
echo_request={0
|1}&
Notes
: “title” is required for a create request. “ids”
is required for an update and delete request.
comments={value}&
{target hosts} (*requirements below)
{<type> credentials} (*requirements per
record)
Notes
: Comments, target hosts, and credentials
specified for create and update requests only (not
delete requests).
{target hosts}
:
ips={ip,range…}&
add_ips={ip,range…}&
remove_ips={ip,range…}&
network_id={value}&
when Tag Support for Authentication Records is
enabled (Windows, Unix):
asset_type={ips
|asset_tags|ip_range_tag_
rule}&
tag_set_by={id
|name}&
tags_include={tag1,tag2...}&
tags_exclude={tag1,tag2,...}&
tag_include_selector={any
|all}&
tag_exclude_selector={any
|all}&
Notes
: “ips” is required for a create request
(except for Windows, and except when Tag
Support is enabled), optional for an update
request. “add_ips” and “remove_ips” are for an
update request only. “network_id” is valid when
the networks feature is enabled.
{vault definition}
:
login_type={basic
|vault}& /set to vault to
enable
vault_id={value}&
vault_type={value}&
(vault parameters below are required except as
indicated, * means optional)
ARCON PAM
vault_service_type={value}&
Azure Key
ak_secret_name={value}&
CA Access Control
end_point_name={value}&
end_point_type={value}&
end_point_container={value}&
CA PAM
vault_app_name={value}&
vault_device_name={value}&
vault_device_host={value}&
CyberArk PIM Suite
folder={value}&
file={value}&
CyberArk AIM
folder={value}&