Parag Baxi

QualysGuard® API Release Version 8.1 - 30 day notification

Blog Post created by Parag Baxi on Jun 5, 2014

This update to QualysGuard 8.1 includes improvements to the QualysGuard API, allowing you to integrate your programs and API calls with QualysGuard Vulnerability Management (VM) and QualysGuard Policy Compliance (PC).

 

What’s New


QualysGuard API Server URL. The QualysGuard API documentation and sample code use the API server URL for QualysGuard US Platform 1. If your account is located on another platform, please replace this URL with the appropriate server URL for your account.

 

Account  Location

API  Server URL for login
QualysGuard  US Platform https://qualysapi.qualys.com

QualysGuard  US Platform 2

https://qualysapi.qg2.apps.qualys.com

QualysGuard  EU Platformhttps://qualysapi.qualys.eu
QualysGuard  Private Cloud Platformhttps://qualysapi.<customer_base_url>


QualysGuard API Documentation. API user guides and other documentation are available in your account’s Resources section (Help > Resources > API). Note: The service enforces limits on the API calls users can make within a subscription. See “QualysGuard API Limits” for details.

 

VM & PC: Enhanced Networks support

In QualysGuard 8.0, we announced the Networks feature to enable native overlapping IPs support. We have modified DTDs to enhance our API support for this feature:

 

API End Point

Output Changes

DTD Changes

Input Changes

api/2.0/fo/compliance/policy/?action=list

<GLOSSARY>

  <ASSET_GROUP_LIST>

    <ASSET_GROUP>

      ...

      <NETWORK_ID><![CDATA[0]]</NETWORK_ID>

      ...

    </ASSET_GROUP>

  </ASSET_GROUP_LIST>

</GLOSSARY>

Yes:

Added NETWORK_ID to DTD.

No

api/2.0/fo/compliance/posture/?action=list

<HOST>

  <ID>94295</ID>

  <IP network_id="0">10.10.24.245</IP>

  <TRACKING_METHOD>IP</TRACKING_METHOD>

  ...

</HOST>

Yes:

Added network_id attribute.

No

api/2.0/fo/scan/compliance/?action=fetch

<COMPLIANCE_SCAN>

  <HEADER>     

    ...

    <KEY value="NETWORK_ID"> <![CDATA[1364]]> </KEY>

    <KEY value="NETWORK_TITLE"> <![CDATA[JP Network 2]]> </KEY> 

    ...

  </HEADER>

</COMPLIANCE_SCAN>

No

No

php/compliance_authentication_report.dtd

DTD change:


<!ELEMENT HOST_LIST (HOST*)> <!ELEMENT HOST (TRACKING_METHOD, IP, DNS?, NETBIOS?, HOST_TECHNOLOGY?, INSTANCE?, STATUS, CAUSE?, NETWORK?)>

 

Example:

<HOST_LIST>

  <HOST>

    <TRACKING_METHOD>...</TRACKING_METHOD>

    <IP><![CDATA[10.10.10.28]]></IP>

    <DNS>...</DNS>

    <NETBIOS>...</NETBIOS>

    <HOST_TECHNOLOGY>...</HOST_TECHNOLOGY>

    <STATUS>...</STATUS>

    <CAUSE>...</CAUSE>

    <NETWORK><![CDATA[Global Default Network]]></NETWORK>

  </HOST>

</HOST_LIST>

Yes:

Added NETWORK tag to DTD.

No

php/patch_report_scorecard.dtd

<DETECTION_LIST>

  <DETECTION>

    <HOST>

      <IP><![CDATA[10.0.0.2]]></IP>

      <DNS><![CDATA[server.qualys.com]]></DNS>

      <NETBIOS />

      <OS><![CDATA[Linux 2.2-2.6]]></OS>

      <OWNER />

      <NETWORK><![CDATA[Global Default Network]]></NETWORK>

    </HOST>

    <VULN>

      <QID><![CDATA[15077]]></QID>

      <VENDOR_REF><![CDATA[ISC CVE-2012-3817,ISC CVE-2012-3868]]></VENDOR_REF>

      <TITLE><![CDATA[ISC BIND 9 Multiple Denial of Service Vulnerabilities]]></TITLE>

    </VULN>

  </DETECTION>

</DETECTION_LIST>

 

DTD change:

 

<!ELEMENT DETECTION_LIST (DETECTION*)>

<!ELEMENT DETECTION (HOST, VULN)>

 

 

<!ELEMENT HOST (IP, DNS?, NETBIOS?, OS?, OS_CPE?, OWNER?, NETWORK?)>

Yes:

Added NETWORK tag to DTD.

No

php/most_vulnerable_hosts_scorecard.dtd

<MOST_VULNERABLE_HOSTS_SCORECARD>

  <HEADER>...</HEADER>

  <SUMMARY>...</SUMMARY>

  <RESULTS>

    <HOST_LIST>

      <HOST>

        <RANK>...</RANK>

        <IP><![CDATA[10.10.10.10]]></IP>

        <DNS>...</DNS>

        <NETBIOS>...</NETBIOS>

        <LAST_SCAN_DATE>...</LAST_SCAN_DATE>

        <NUM_SEV_5>...</NUM_SEV_5>

        <NUM_SEV_4>...</NUM_SEV_4>

        <BUSINESS_RISK>...</BUSINESS_RISK>

        <SECURITY_RISK>...</SECURITY_RISK>

        <ASSET_GROUPS>...</ASSET_GROUPS>

        <NETWORK><![CDATA[NET1]]></NETWORK>

      </HOST>

    </HOST_LIST>

 

DTD change:


<!ELEMENT IP_LIST (RANGE*, NETWORK?)>

 

<!ELEMENT HOST_LIST (HOST+)>

<!ELEMENT HOST (IP, DNS?, NETBIOS?, ASSET_GROUPS?, IMPACT?, SCORE?, QID?, OS?, SERVICE?, PORT?, RESULTS?, NETWORK?)>

<!ELEMENT RESULTS (#PCDATA)>

<!ELEMENT NETWORK (#PCDATA)>


Yes:

Added NETWORK tag to DTD.

No

php/risk_analysis_report.dtd

<!ELEMENT HOST_LIST (HOST+)>

<!ELEMENT HOST (RANK, IP, DNS?, NETBIOS?, LAST_SCAN_DATE?,

                NUM_SEV_5, NUM_SEV_4, BUSINESS_RISK, SECURITY_RISK, ASSET_GROUPS?, NETWORK?)>


Example:

<HOST_LIST>

  <HOST>

    <IP>10.0.0.8</IP>

    <DNS><![CDATA[server.qualys.com]]></DNS>

    <NETBIOS><![CDATA[XP]]></NETBIOS>

    <ASSET_GROUPS>…</ASSET_GROUPS>

    <IMPACT><![CDATA[High]]></IMPACT>

    <QID>Check</QID>

    <OS>Check</OS>

    <SERVICE>Check</SERVICE>

    <PORT>Check</PORT>

    <RESULTS>Check</RESULTS>

    <NETWORK>NET1</NETWORK>

  </HOST>

</HOST_LIST>

Yes:

Added NETWORK tag to DTD.

No

php/individual_host_compliance_report.dtd

DTD change:


<!ELEMENT IP_LIST (RANGE*, NETWORK?)>

Yes:

Added NETWORK tag to DTD.

No

msp/scan_target_history.php

<IP_TARGETED_LIST>

    <IP_TARGETED network_id="1364">

        <IP>10.10.10.1</IP>

        <NB_SCANS>11</NB_SCANS>

    </IP_TARGETED>

    <IP_TARGETED network_id="0">

        <IP>10.10.10.1</IP>

        <NB_SCANS>18</NB_SCANS>

    </IP_TARGETED>

</IP_TARGETED_LIST>

Yes:

Added network_id attribute to DTD.

No

msp/scheduled_scans.php

<USER_ENTERED_IPS network_id="0">
  <RANGE>
    <START>192.169.1.12</START>
    <END>192.169.1.12</END>
  </RANGE>
</USER_ENTERED_IPS>

 

<EXCLUDE_IP_PER_SCAN network_id="0">10.10.1.61, 10.10.2.3-10.10.2.63</EXCLUDE_IP_PER_SCAN>

<ASSET_GROUP>
  <ASSET_GROUP_TITLE><![CDATA[test AG]]></ASSET_GROUP_TITLE>

    <NETWORK_ID><![CDATA[0]]</NETWORK_ID>

</ASSET_GROUP>

<DOMAIN_NAME network_id="0">domain.com</DOMAIN_NAME>

Yes:


Added network_id attribute and NETWORK_ID tag to DTD.

Yes:

Optional, "network_id" input parameter has to be added.

msp/asset_search.php

<ASSET_SEARCH_REPORT>

  ...

  <HOST_LIST>

    <HOST>

      <IP>10.0.0.7</IP>

      <TRACKING_METHOD>IP</TRACKING_METHOD>

      <NETBIOS><![CDATA[STORE]]></NETBIOS>

      <OPERATING_SYSTEM><![CDATA[Linux 2.2-2.6]]></OPERATING_SYSTEM>

      <NETWORK><![CDATA[Qualys Default Network]]></NETWORK>

      <LAST_SCAN_DATE>2014-04-18T21:23:04Z</LAST_SCAN_DATE>

    </HOST>

  </HOST_LIST>

</ASSET_SEARCH_REPORT>

 

DTD change:

 

<!ELEMENT HOST (ERROR | (IP, HOST_TAGS?,TRACKING_METHOD,

DNS?, NETBIOS?, OPERATING_SYSTEM?, OS_CPE?, QID_LIST?, PORT_SERVICE_LIST?,

ASSET_GROUPS?, LAST_SCAN_DATE?, NETWORK?))>

 

 

 

<!ELEMENT LAST_SCAN_DATE (#PCDATA)>

<!ELEMENT NETWORK (#PCDATA)

Yes:

Added NETWORK tag to DTD.

No

msp/scan_report.php

<HOST_LIST>
  
<HOST>
  
<IP>10.0.0.2</IP>
  
<NETWORK>Global Default Network</NETWORK>
  
<TRACKING_METHOD>IP</TRACKING_METHOD>
  
<DNS><![CDATA[server.qualys.com]]></DNS>
  
<OPERATING_SYSTEM><![CDATA[Linux 2.2-2.6]]></OPERATING_SYSTEM>
  
<ASSET_GROUPS>
  
<ASSET_GROUP_TITLE><![CDATA[AG2]]></ASSET_GROUP_TITLE>
  
</ASSET_GROUPS>
  
<VULN_INFO_LIST>...</VULN_INFO_LIST>
  
</HOST>
</HOST_LIST>

Yes:


Added NETWORK tag to DTD

No

msp/get_host_info.php

<HOST>

  <TRACKING_METHOD>IP address</TRACKING_METHOD>

  <SECURITY_RISK>0</SECURITY_RISK>

    <IP network_id="0">10.10.10.25</IP>

  <OPERATING_SYSTEM><![CDATA[]]></OPERATING_SYSTEM>

  ...

</HOST>

Yes:

Added attribute network_id

to DTD.

NO

msp/asset_ip_list.php

<HOST>

  <IP network_id="0"><![CDATA[10.10.24.58]]></IP>

  ...

</HOST>

Yes:

Added attribute network_id to DTD.

No

msp/asset_data_report.php

<ASSET_DATA_REPORT>

  <HEADER>

    ...

    <TARGET>

       <USER_ASSET_GROUPS>

        ...

       </USER_ASSET_GROUPS>

       <USER_IP_LIST>

         <RANGE network_id="0">

           <START>10.10.10.1</START>

           <END>10.10.10.9</END>

         </RANGE>

       </USER_IP_LIST>

       <COMBINED_IP_LIST>

         <RANGE network_id="0">

           <START>10.10.10.1</START>

           <END>10.10.10.9</END>

         </RANGE>

         ...

       </COMBINED_IP_LIST>

     </TARGET>

     ...

  </HEADER>

  <RISK_SCORE_PER_HOST>

     <HOSTS>

       <IP_ADDRESS network_id="0">10.10.10.1</IP_ADDRESS>

       <TOTAL_VULNERABILITIES>6</TOTAL_VULNERABILITIES>

       <SECURITY_RISK>3.3</SECURITY_RISK>

     </HOSTS>

     ...

  </RISK_SCORE_PER_HOST>

  <HOST_LIST>

    <HOST>

      <IP network_id="0">10.10.10.1</IP>

      <TRACKING_METHOD>IP</TRACKING_METHOD>

      <DNS>

         <![CDATA[server.qualys-test.com]]>

      </DNS>

      ...

    </HOST>

  </HOST_LIST>

  <GLOSSARY>

    ...

  </GLOSSARY>

  <APPENDICES>

    <NO_RESULTS>

      <IP_LIST>

        <RANGE network_id="0">

           <START>10.10.10.4</START>

           <END>10.10.10.6</END>

        </RANGE>

        ...

          </IP_LIST>

        </NO_RESULTS>

      ...

      </TEMPLATE_DETAILS>

    </APPENDICES>

  <!-- 100% done - Built appendix. -->

</ASSET_DATA_REPORT>

Yes:

Added attribute network_id to DTD.

No

msp/asset_range_info.php

<HOST>

    <IP network_id="0">10.10.25.143</IP>

    <TRACKING_METHOD>IP</TRACKING_METHOD>

    ...

</HOST>

Yes:

Added attribute network_id to DTD.

No

msp/msp/ticket_list.php

<TICKET_LIST>
  <TICKET>
      <NUMBER>450</NUMBER>

    ...
    <LOGIN>username</LOGIN>

    <DETECTION>

      <IP network_id="1365">10.10.30.47</IP>
    ...
      </DETECTION>

    ...

</TICKET_LIST>

Yes:

Added attribute network_id to DTD.

No

msp/ignore_vuln.php

<IGNORED>
    ...
    <IP
network_id="1365">10.10.24.7</IP>
    ...
</IGNORED>

 

<RESTORED>
    ...
    <IP
network_id="1365"
>10.10.24.7</IP>
    ...
</RESTORED>

Yes:

Added attribute network_id to DTD.

Yes:

Optional, "network_id" input parameter has been added.

msp/ticket_edit.php

<TICKET_EDIT_OUTPUT>

    <HEADER>

        <USER_LOGIN>username</USER_LOGIN>

    ...

    <WHERE>

            <NETWORK_ID>1365</NETWORK_ID>

    </WHERE>

Yes:

Added "NETWORK_ID" in WHERE section of DTD.

Yes:

Optional, "network_id" input parameter has been added.

Note that asset_groups and network_id can not be inputted at same time.

msp/ticket_delete.php

<TICKET_DELETE_OUTPUT>

    <HEADER>

  ...

  <WHERE>

      <TICKET_NUMBERS>20</TICKET_NUMBERS>

      <NETWORK_ID>1365</NETWORK_ID>

    </WHERE>

  </HEADER>

    ...

</TICKET_DELETE_OUTPUT>

Yes:

Added "NETWORK_ID" in WHERE section of DTD.

Yes:

Optional, "network_id" input parameter has been added.

msp/map_report.php

    <KEY value="NETWORK_ID">0</KEY>

    <KEY value="OPTIONS">Information gathering: Registered Hosts Only, Perform live host sweep, Standard TCP port list, Standard UDP port list, ICMP Host Discovery</KEY>

    ...

    </USER_ENTERED_DOMAINS>

    <OPTION_PROFILE>

      ...

    </OPTION_PROFILE>

</HEADER>

<IP value="192.168.0.1" name="server2.qualys-test.com" os="Cisco IOS" type="router" network="Global Default Network" network_id="0">

  <DISCOVERY method="traceroute" />

    ...

Yes:

Attribute network_id added in IP tag.

No

msp/map.php

<HEADER>

  ...

    <KEY value="NETWORK_ID">1340</KEY>

</HEADER>


<IP value="192.168.0.1" name="server2.qualys-test.com" os="Cisco IOS" type="router" network_id="1340">

<DISCOVERY method="traceroute" />

...

Yes:

Attribute network_id added in IP tag.

Yes:

network_id is added as input. It is optional.

php/ignored_vulns_scorecard.dtd

DTD change:

 

<!ELEMENT HOST (IP, DNS?, NETBIOS?, OS?, OS_CPE?, OWNER?, NETWORK?)>

Yes:

Added NETWORK tag to DTD.

No.

php/ignored_vulns_scorecard.dtd

XML change:


<IP value="10.0.0.2" network_id="109" network="NET1" name="server2.qualys.com" os="Ubuntu / Linux 2.6.x / Linux 2.6">

    <DISCOVERY method="DNS" />

    <DISCOVERY method="ICMP" />

    <DISCOVERY method="TCP Port 22" />

    <DISCOVERY method="TCP Port 111" />

    <DISCOVERY method="UDP Port 111" />

    <DISCOVERY method="TCP RST" />

    <LINK value="10.0.0.1" />

</IP>


DTD change:

 

<!ELEMENT IP (PORT*,DISCOVERY*,LINK*)?>

<!ATTLIST IP

    value CDATA #REQUIRED

    name CDATA #IMPLIED

    type CDATA #IMPLIED

    os CDATA #IMPLIED

    account CDATA #IMPLIED

    netbios CDATA #IMPLIED

    network_id CDATA #IMPLIED>

Yes:

Added network_id and network attributes to DTD.

No.

php/map-2.dtd

XML change:

 

<AUTH_SCAN_ISSUES>
  
<AUTH_SCAN_FAILED>
  
<HOST_INFO>
  
<DNS><![CDATA[server.qualys.com]]></DNS>
  
<IP><![CDATA[10.10.10.7]]></IP>
  
<NETBIOS><![CDATA[STORE]]></NETBIOS>
  
<INSTANCE><![CDATA[os]]></INSTANCE>
  
<CAUSE><![CDATA[Unable to complete login for host=10.0.0.7, user=root]]></CAUSE>
  
<NETWORK><![CDATA[Global Default Network]]></NETWORK>
  
</HOST_INFO>
  
</AUTH_SCAN_FAILED>
</AUTH_SCAN_ISSUES>


DTD change:

 

<!ELEMENT AUTH_SCAN_INSUFFICIENT (HOST_INFO*)>

<!ELEMENT HOST_INFO (DNS, IP, NETBIOS, INSTANCE, CAUSE, NETWORK)>

<!ELEMENT DNS (#PCDATA)>

<!ELEMENT IP (#PCDATA)>

<!ELEMENT NETBIOS (#PCDATA)>

<!ELEMENT INSTANCE (#PCDATA)>

<!ELEMENT CAUSE (#PCDATA)>

<!ELEMENT NETWORK (#PCDATA)>

 

 

<!ELEMENT APPENDIX (TARGET_HOSTS?, TARGET_DISTRIBUTION?, AUTHENTICATION?)>

Yes:

Added NETWORK tag to DTD.

No.

php/control_pass_fail_report.dtd

XML change:

 

<HOST_LIST>

    <HOST>

        <TRACKING_METHOD><![CDATA[IP]]></TRACKING_METHOD>

        <IP><![CDATA[10.0.0.2]]></IP>

        <DNS><![CDATA[server.qualys-test.com]]></DNS>

        <NETBIOS><![CDATA[XPSP3-1]]></NETBIOS>

        <OPERATING_SYSTEM><![CDATA[Windows XP Service Pack 3]]></OPERATING_SYSTEM>

        <POSTURE><![CDATA[Failed]]></POSTURE>

        <NETWORK><![CDATA[Global Default Network]]></NETWORK>

    </HOST>

</HOST_LIST>


DTD change:


<!ELEMENT HOST (TRACKING_METHOD, IP, DNS?, NETBIOS?, INSTANCE?, OPERATING_SYSTEM, OS_CPE?, POSTURE, NETWORK?)>

 

<!ELEMENT TRACKING_METHOD (#PCDATA)>

<!ELEMENT IP (#PCDATA)>

<!ELEMENT DNS (#PCDATA)>

<!ELEMENT NETBIOS (#PCDATA)>

<!ELEMENT INSTANCE (#PCDATA)>

<!ELEMENT OPERATING_SYSTEM (#PCDATA)>

<!ELEMENT OS_CPE (#PCDATA)>

<!ELEMENT POSTURE (#PCDATA)>

<!ELEMENT NETWORK (#PCDATA)>

Yes:

Added NETWORK tag to DTD.

No.

PC: Import control

The DTD & XSD to import QualysGuard Policy Compliance controls has changed to include UDCs for agentless file traversal checks.


compliance_policy_report.dtd:


...
<!ELEMENT CHECK (NAME, DP_NAME, EXPECTED, ACTUAL, PERMISSION_TRANSLATION?, EXTENDED_EVIDENCE?, STATISTICS?)>
<!ELEMENT DP_NAME (#PCDATA)>
<!ELEMENT EXTENDED_EVIDENCE (#PCDATA)>
<!ELEMENT STATISTICS (SEARCH_DURATION, ERRORS?)>
<!ELEMENT EVALUATION (#PCDATA)>
...
<!ELEMENT SEARCH_DURATION (#PCDATA)>
<!ELEMENT ERRORS (#PCDATA)>









 

ImportableControl.xsd:

 

<?xml version="1.0" encoding="UTF-8"?>
<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" elementFormDefault="qualified">
    <xs:element name="CONTROL_LIST">
        <xs:complexType>
            <xs:sequence>
                <xs:element maxOccurs="unbounded" ref="CONTROL" />
            </xs:sequence>
            <xs:attribute name="total" use="required" type="xs:integer" />
        </xs:complexType>
    </xs:element>
    <xs:element name="ID" type="xs:integer" />
    <xs:element name="CONTROL">
        <xs:complexType>
            <xs:sequence>
                <xs:element ref="CHECK_TYPE" maxOccurs="1" />
                <xs:element ref="CATEGORY" minOccurs="0" maxOccurs="1" />
                <xs:element ref="SUB_CATEGORY" minOccurs="0" maxOccurs="1" />
                <xs:element ref="STATEMENT" maxOccurs="1" />
                <xs:element ref="COMMENT" minOccurs="0" maxOccurs="1" />
                <xs:element ref="IGNORE_ERROR" maxOccurs="1" />
                <xs:element ref="SCAN_PARAMETERS" maxOccurs="1" />
                <xs:element ref="TECHNOLOGY_LIST" maxOccurs="1" />
                <xs:element ref="REFERENCE_LIST" maxOccurs="1" />
            </xs:sequence>
        </xs:complexType>
    </xs:element>
    <xs:element name="CHECK_TYPE">
        <xs:simpleType>
            <xs:restriction base="xs:string">
                <xs:enumeration value="Registry Key Existence" />
                <xs:enumeration value="Registry Value Existence" />
                <xs:enumeration value="Registry Value Content Check" />
                <xs:enumeration value="Registry Permission" />
                <xs:enumeration value="Window File/Directory Existence" />
                <xs:enumeration value="Window File/Directory Permission" />
                <xs:enumeration value="Unix File/Directory Permission" />
                <xs:enumeration value="Unix File Content Check" />
                <xs:enumeration value="Unix File/Directory Existence" />
                <xs:enumeration value="Window File Integrity Check" />
                <xs:enumeration value="Unix File Integrity Check" />
                <xs:enumeration value="WMI Query Check" />
                <xs:enumeration value="Share Access Check" />
                <xs:enumeration value="Unix Directory Search Check" />
            </xs:restriction>
        </xs:simpleType>
    </xs:element>
    <xs:element name="CATEGORY">
        <xs:complexType>
            <xs:sequence>
                <xs:element ref="ID" minOccurs="0" maxOccurs="1"/>
                <xs:element name="NAME" minOccurs="0" maxOccurs="1" type="xs:string"/>
            </xs:sequence>
        </xs:complexType>
    </xs:element>
    <xs:element name="SUB_CATEGORY">
        <xs:complexType>
            <xs:sequence>
                <xs:element ref="ID"  minOccurs="0" maxOccurs="1"/>
                <xs:element ref="NAME" minOccurs="0" maxOccurs="1" />
            </xs:sequence>
        </xs:complexType>
    </xs:element>
    <xs:element name="NAME">
        <xs:simpleType>
            <xs:restriction base="xs:string">
                <xs:minLength value="0"/>
                <xs:maxLength value="128"/>
            </xs:restriction>
        </xs:simpleType>
    </xs:element>
    <xs:element name="STATEMENT">
        <xs:simpleType>
            <xs:restriction base="xs:string">
                <xs:minLength value="1"/>
                <xs:maxLength value="1000"/>
            </xs:restriction>
        </xs:simpleType>
    </xs:element>
    <xs:element name="COMMENT">
        <xs:simpleType>
            <xs:restriction base="xs:string">
                <xs:minLength value="0"/>
                <xs:maxLength value="1000"/>
            </xs:restriction>
        </xs:simpleType>
    </xs:element>
    <xs:element name="IGNORE_ERROR">
        <xs:simpleType>
            <xs:restriction base="xs:integer">
                <xs:enumeration value="0" />
                <xs:enumeration value="1" />
            </xs:restriction>
        </xs:simpleType>
    </xs:element>
    <xs:element name="SCAN_PARAMETERS">
        <xs:complexType>
            <xs:sequence>
                <xs:element ref="REG_HIVE" minOccurs="0" maxOccurs="1" />
                <xs:element ref="REG_KEY" minOccurs="0" maxOccurs="1" />
                <xs:element ref="REG_VALUE_NAME" minOccurs="0" maxOccurs="1" />
                <xs:element ref="FILE_PATH" minOccurs="0" maxOccurs="1" />
                <xs:element ref="FILE_QUERY" minOccurs="0" maxOccurs="1" />
                <xs:element ref="HASH_TYPE" minOccurs="0" maxOccurs="1" />
                <xs:element ref="WMI_NS" minOccurs="0" maxOccurs="1" />
                <xs:element ref="WMI_QUERY" minOccurs="0" maxOccurs="1" />
                <xs:element ref="SHARE_USER" minOccurs="0" maxOccurs="1" />
                <xs:element ref="PATH_USER" minOccurs="0" maxOccurs="1" />
                <xs:element ref="BASE_DIR" minOccurs="0" maxOccurs="1" />
                <xs:element ref="SHOULD_DESCEND" minOccurs="0" maxOccurs="1" />
                <xs:element ref="DEPTH_LIMIT" minOccurs="0" maxOccurs="1" />
                <xs:element ref="FOLLOW_SYMLINK" minOccurs="0" maxOccurs="1" />
                <xs:element ref="FILE_NAME_MATCH" minOccurs="0" maxOccurs="1" />
                <xs:element ref="FILE_NAME_SKIP" minOccurs="0" maxOccurs="1" />
                <xs:element ref="DIR_NAME_MATCH" minOccurs="0" maxOccurs="1" />
                <xs:element ref="DIR_NAME_SKIP" minOccurs="0" maxOccurs="1" />
                <xs:element ref="PERMISSIONS" minOccurs="0" maxOccurs="1" />
                <xs:element ref="PERM_COND" minOccurs="0" maxOccurs="1" />
                <xs:element ref="TYPE_MATCH" minOccurs="0" maxOccurs="1" />
                <xs:element ref="USER_OWNER" minOccurs="0" maxOccurs="1" />
                <xs:element ref="GROUP_OWNER" minOccurs="0" maxOccurs="1" />
                <xs:element ref="TIME_LIMIT" minOccurs="0" maxOccurs="1" />
                <xs:element ref="MATCH_LIMIT" minOccurs="0" maxOccurs="1" />
                <xs:element ref="DATA_TYPE" maxOccurs="1" />
                <xs:element ref="DESCRIPTION" maxOccurs="1" />
            </xs:sequence>
        </xs:complexType>
    </xs:element>
    <xs:element name="REG_HIVE">
        <xs:simpleType>
            <xs:restriction base="xs:string">
                <xs:enumeration value="HKEY_CLASSES_ROOT (HKCR)" />
                <xs:enumeration value="HKEY_CURRENT_USER (HKCU)" />
                <xs:enumeration value="HKEY_LOCAL_MACHINE (HKLM)" />
                <xs:enumeration value="HKEY_USERS (HKU)" />
            </xs:restriction>
        </xs:simpleType>
    </xs:element>
    <xs:element name="REG_KEY">
        <xs:simpleType>
            <xs:restriction base="xs:string">
                <xs:minLength value="1"/>
                <xs:maxLength value="1000"/>
            </xs:restriction>
        </xs:simpleType>
    </xs:element>
    <xs:element name="REG_VALUE_NAME">
        <xs:simpleType>
            <xs:restriction base="xs:string">
                <xs:minLength value="1"/>
                <xs:maxLength value="255"/>
            </xs:restriction>
        </xs:simpleType>
    </xs:element>
    <xs:element name="FILE_PATH">
        <xs:simpleType>
            <xs:restriction base="xs:string">
                <xs:minLength value="1"/>
                <xs:maxLength value="1000"/>
            </xs:restriction>
        </xs:simpleType>
    </xs:element>
    <xs:element name="FILE_QUERY">
        <xs:simpleType>
            <xs:restriction base="xs:string">
                <xs:minLength value="1"/>
                <xs:maxLength value="256"/>
            </xs:restriction>
        </xs:simpleType>
    </xs:element>
    <xs:element name="HASH_TYPE">
        <xs:simpleType>
            <xs:restriction base="xs:string">
                <xs:enumeration value="MD5" />
                <xs:enumeration value="SHA-1" />
                <xs:enumeration value="SHA-256" />
            </xs:restriction>
        </xs:simpleType>
    </xs:element>
    <xs:element name="WMI_NS">
        <xs:simpleType>
            <xs:restriction base="xs:string">
                <xs:minLength value="1"/>
                <xs:maxLength value="1000"/>
            </xs:restriction>
        </xs:simpleType>
    </xs:element>
    <xs:element name="WMI_QUERY">
        <xs:simpleType>
            <xs:restriction base="xs:string">
                <xs:minLength value="1"/>
                <xs:maxLength value="4000"/>
            </xs:restriction>
        </xs:simpleType>
    </xs:element>
    <xs:element name="SHARE_USER">
        <xs:simpleType>
            <xs:restriction base="xs:string">
                <xs:minLength value="1"/>
                <xs:maxLength value="256"/>
            </xs:restriction>
        </xs:simpleType>
    </xs:element>
    <xs:element name="PATH_USER">
        <xs:simpleType>
            <xs:restriction base="xs:string">
                <xs:minLength value="1"/>
                <xs:maxLength value="256"/>
            </xs:restriction>
        </xs:simpleType>
    </xs:element>
    <xs:element name="BASE_DIR">
        <xs:simpleType>
            <xs:restriction base="xs:string">
                <xs:minLength value="1"/>
                <xs:maxLength value="1000"/>
            </xs:restriction>
        </xs:simpleType>
    </xs:element>
    <xs:element name="SHOULD_DESCEND">
        <xs:simpleType>
            <xs:restriction base="xs:boolean">
                <xs:pattern value="true"/>
                <xs:pattern value="false"/>
            </xs:restriction>
        </xs:simpleType>
    </xs:element>
    <xs:element name="DEPTH_LIMIT">
        <xs:simpleType>
            <xs:restriction base="xs:integer">
                <xs:minInclusive value="0"/>
                <xs:maxInclusive value="10"/>
            </xs:restriction>
        </xs:simpleType>
    </xs:element>
    <xs:element name="FOLLOW_SYMLINK">
        <xs:simpleType>
            <xs:restriction base="xs:boolean">
                <xs:pattern value="true"/>
                <xs:pattern value="false"/>
            </xs:restriction>
        </xs:simpleType>
    </xs:element>
    <xs:element name="FILE_NAME_MATCH">
        <xs:simpleType>
            <xs:restriction base="xs:string">
                <xs:minLength value="0"/>
                <xs:maxLength value="255"/>
            </xs:restriction>
        </xs:simpleType>
    </xs:element>
    <xs:element name="FILE_NAME_SKIP">
        <xs:simpleType>
            <xs:restriction base="xs:string">
                <xs:minLength value="0"/>
                <xs:maxLength value="255"/>
            </xs:restriction>
        </xs:simpleType>
    </xs:element>
    <xs:element name="DIR_NAME_MATCH">
        <xs:simpleType>
            <xs:restriction base="xs:string">
                <xs:minLength value="0"/>
                <xs:maxLength value="1000"/>
            </xs:restriction>
        </xs:simpleType>
    </xs:element>
    <xs:element name="DIR_NAME_SKIP">
        <xs:simpleType>
            <xs:restriction base="xs:string">
                <xs:minLength value="0"/>
                <xs:maxLength value="1000"/>
            </xs:restriction>
        </xs:simpleType>
    </xs:element>
    <xs:element name="PERMISSIONS">
        <xs:complexType>
            <xs:sequence>
                <xs:element name="SPECIAL"  type="SPECIAL_OPTION" />
                <xs:element name="USER" type="PERM_OPTION" />
                <xs:element name="GROUP" type="PERM_OPTION" />
                <xs:element name="OTHER" type="PERM_OPTION" />
            </xs:sequence>
        </xs:complexType>
    </xs:element>
    <xs:complexType name="SPECIAL_OPTION">
        <xs:sequence>
            <xs:element name="USER"  type="PERM_TYPES" />
            <xs:element name="GROUP" type="PERM_TYPES" />
            <xs:element name="DELETION" type="PERM_TYPES" />
        </xs:sequence>
    </xs:complexType>
    <xs:complexType name="PERM_OPTION">
        <xs:sequence>
            <xs:element name="READ"  type="PERM_TYPES" />
            <xs:element name="WRITE" type="PERM_TYPES" />
            <xs:element name="EXECUTE" type="PERM_TYPES" />
        </xs:sequence>
    </xs:complexType>
    <xs:simpleType name="PERM_TYPES">
        <xs:restriction base="xs:string">
            <xs:enumeration value="yes" />
            <xs:enumeration value="no" />
            <xs:enumeration value="any" />
        </xs:restriction>
    </xs:simpleType>
    <xs:element name="PERM_COND">
        <xs:simpleType>
            <xs:restriction base="xs:string">
                <xs:enumeration value="all" />
                <xs:enumeration value="some" />
            </xs:restriction>
        </xs:simpleType>
    </xs:element>
    <xs:element name="TYPE_MATCH">
        <xs:simpleType>
            <xs:restriction base="xs:string">
                <xs:minLength value="1"/>
                <xs:maxLength value="15"/>
            </xs:restriction>
        </xs:simpleType>
    </xs:element>
    <xs:element name="USER_OWNER">
        <xs:simpleType>
            <xs:restriction base="xs:string">
                <xs:minLength value="0"/>
                <xs:maxLength value="256"/>
            </xs:restriction>
        </xs:simpleType>
    </xs:element>
    <xs:element name="GROUP_OWNER">
        <xs:simpleType>
            <xs:restriction base="xs:string">
                <xs:minLength value="0"/>
                <xs:maxLength value="256"/>
            </xs:restriction>
        </xs:simpleType>
    </xs:element>
    <xs:element name="TIME_LIMIT">
        <xs:simpleType>
            <xs:restriction base="xs:integer">
                <xs:minInclusive value="30"/>
                <xs:maxInclusive value="900"/>
            </xs:restriction>
        </xs:simpleType>
    </xs:element>
    <xs:element name="MATCH_LIMIT">
        <xs:simpleType>
            <xs:restriction base="xs:integer">
                <xs:minInclusive value="1"/>
                <xs:maxInclusive value="256"/>
            </xs:restriction>
        </xs:simpleType>
    </xs:element>
    <xs:element name="DATA_TYPE">
        <xs:simpleType>
            <xs:restriction base="xs:string">
                <xs:enumeration value="Boolean" />
                <xs:enumeration value="Integer" />
                <xs:enumeration value="String" />
                <xs:enumeration value="String List" />
                <xs:enumeration value="Line List" />
            </xs:restriction>
        </xs:simpleType>
    </xs:element>
  <xs:element name="DESCRIPTION">
        <xs:simpleType>
            <xs:restriction base="xs:string">
                <xs:minLength value="1"/>
                <xs:maxLength value="1000"/>
            </xs:restriction>
        </xs:simpleType>
    </xs:element>
    <xs:element name="TECHNOLOGY_LIST">
        <xs:complexType>
            <xs:sequence>
                <xs:element ref="TECHNOLOGY" maxOccurs="unbounded" />
            </xs:sequence>
            <xs:attribute name="total" use="required" type="xs:integer" />
        </xs:complexType>
    </xs:element>
    <xs:element name="TECHNOLOGY">
        <xs:complexType>
            <xs:sequence>
                <xs:element ref="ID" maxOccurs="1"/>
                <xs:element ref="TECH_NAME" maxOccurs="1" />
                <xs:element ref="RATIONALE" maxOccurs="1" />
                <xs:element ref="DATAPOINT" maxOccurs="1" />
            </xs:sequence>
        </xs:complexType>
    </xs:element>
    <xs:element name="TECH_NAME">
        <xs:simpleType>
            <xs:restriction base="xs:string">
                <xs:minLength value="0"/>
                <xs:maxLength value="64"/>
            </xs:restriction>
        </xs:simpleType>
    </xs:element>
    <xs:element name="RATIONALE">
        <xs:simpleType>
            <xs:restriction base="xs:string">
                <xs:minLength value="1"/>
                <xs:maxLength value="4000"/>
            </xs:restriction>
        </xs:simpleType>
    </xs:element>
    <xs:element name="DATAPOINT">
        <xs:complexType>
            <xs:sequence>
                <xs:element ref="CARDINALITY" minOccurs="0" maxOccurs="1" />
                <xs:element ref="OPERATOR" minOccurs="0" maxOccurs="1" />
                <xs:element ref="DEFAULT_VALUES" maxOccurs="1" />
            </xs:sequence>
        </xs:complexType>
    </xs:element>
    <xs:element name="CARDINALITY">
        <xs:simpleType>
            <xs:restriction base="xs:string">
                <xs:enumeration value="match any" />
                <xs:enumeration value="match all" />
                <xs:enumeration value="match none" />
                <xs:enumeration value="empty" />
                <xs:enumeration value="not empty" />
                <xs:enumeration value="contains" />
                <xs:enumeration value="does not contain" />
                <xs:enumeration value="matches" />
                <xs:enumeration value="is contained in" />
                <xs:enumeration value="intersect" />
                <xs:enumeration value="no cd" />
            </xs:restriction>
        </xs:simpleType>
    </xs:element>
    <xs:element name="OPERATOR">
        <xs:simpleType>
            <xs:restriction base="xs:string">
                <xs:enumeration value="ge" />
                <xs:enumeration value="gt" />
                <xs:enumeration value="le" />
                <xs:enumeration value="lt" />
                <xs:enumeration value="ne" />
                <xs:enumeration value="eq" />
                <xs:enumeration value="in" />
                <xs:enumeration value="range" />
                <xs:enumeration value="re" />
                <xs:enumeration value="xre" />
                <xs:enumeration value="xeq" />
                <xs:enumeration value="no op" />
            </xs:restriction>
        </xs:simpleType>
    </xs:element>
    <xs:element name="DEFAULT_VALUES">
        <xs:complexType>
            <xs:sequence>
                <xs:element ref="DEFAULT_VALUE" maxOccurs="unbounded" />
            </xs:sequence>
            <xs:attribute name="total" use="required" type="xs:integer" />
        </xs:complexType>
    </xs:element>
    <xs:element name="DEFAULT_VALUE">
        <xs:simpleType>
            <xs:restriction base="xs:string">
                <xs:minLength value="0"/>
                <xs:maxLength value="4000"/>
            </xs:restriction>
        </xs:simpleType>
    </xs:element>
    <xs:element name="REFERENCE_LIST">
        <xs:complexType>
            <xs:sequence>
                <xs:element ref="REFERENCE" minOccurs="0" maxOccurs="unbounded"/>
            </xs:sequence>
        </xs:complexType>
    </xs:element>
    <xs:element name="REFERENCE">
        <xs:complexType>
            <xs:sequence>
                <xs:element ref="REF_DESCRIPTION" minOccurs="0" maxOccurs="1" />
                <xs:element ref="URL" minOccurs="0" maxOccurs="1" />
            </xs:sequence>
        </xs:complexType>
    </xs:element>
    <xs:element name="REF_DESCRIPTION">
        <xs:simpleType>
            <xs:restriction base="xs:string">
                <xs:minLength value="0"/>
                <xs:maxLength value="2000"/>
            </xs:restriction>
        </xs:simpleType>
    </xs:element>
    <xs:element name="URL">
        <xs:simpleType>
            <xs:restriction base="xs:string">
                <xs:minLength value="0"/>
                <xs:maxLength value="500"/>
            </xs:restriction>
        </xs:simpleType>
    </xs:element>
</xs:schema>











VM & PC: Asset Group v2 API

The new v2 Asset Group API endpoint enables customers to access Asset Group data via the API with more granularity. The new DTD is below:


<!-- QUALYS ASSET_GROUP_LIST_OUTPUT DTD -->
<!-- $Revision:$ -->
<!ELEMENT ASSET_GROUP_LIST_OUTPUT (REQUEST?,RESPONSE)>
<!ELEMENT REQUEST (DATETIME, USER_LOGIN, RESOURCE, PARAM_LIST?, POST_DATA?)>
<!ELEMENT DATETIME (#PCDATA)>
<!ELEMENT USER_LOGIN (#PCDATA)>
<!ELEMENT RESOURCE (#PCDATA)>
<!ELEMENT PARAM_LIST (PARAM+)>
<!ELEMENT PARAM (KEY, VALUE)>
<!ELEMENT KEY (#PCDATA)>
<!ELEMENT VALUE (#PCDATA)>
<!-- if returned, POST_DATA will be urlencoded -->
<!ELEMENT POST_DATA (#PCDATA)>
<!ELEMENT RESPONSE (DATETIME, (ASSET_GROUP_LIST|ID_SET)?, WARNING?)>
<!ELEMENT ASSET_GROUP_LIST (ASSET_GROUP+)>
<!ELEMENT ASSET_GROUP (ID, TITLE?,
    OWNER_ID?, UNIT_ID?, (NETWORK_ID|NETWORK_IDS)?, LAST_UPDATE?, BUSINESS_IMPACT?,
    CVSS_ENVIRO_CDP?, CVSS_ENVIRO_TD?, CVSS_ENVIRO_CR?, CVSS_ENVIRO_IR?, CVSS_ENVIRO_AR?,
    DEFAULT_APPLIANCE_ID?, APPLIANCE_IDS?,
    IP_SET?, DOMAIN_LIST?, DNS_LIST?, NETBIOS_LIST?,
    EC2_ID_LIST?, HOST_ID_LIST?,
    USER_IDS?, UNIT_IDS?
)>
<!ELEMENT ID (#PCDATA)>
<!ELEMENT TITLE (#PCDATA)>
<!ELEMENT OWNER_ID (#PCDATA)>
<!ELEMENT UNIT_ID (#PCDATA)>
<!ELEMENT NETWORK_ID (#PCDATA)>
<!ELEMENT NETWORK_IDS (#PCDATA)>
<!ELEMENT LAST_UPDATE (#PCDATA)>
<!ELEMENT BUSINESS_IMPACT (#PCDATA)>
<!-- CVSS -->
<!ELEMENT CVSS_ENVIRO_CDP (#PCDATA)>
<!ELEMENT CVSS_ENVIRO_TD (#PCDATA)>
<!ELEMENT CVSS_ENVIRO_CR (#PCDATA)>
<!ELEMENT CVSS_ENVIRO_IR (#PCDATA)>
<!ELEMENT CVSS_ENVIRO_AR (#PCDATA)>
<!-- APPLIANCE_LIST -->
<!ELEMENT DEFAULT_APPLIANCE_ID (#PCDATA)>
<!ELEMENT APPLIANCE_IDS (#PCDATA)>
<!-- IP_SET -->
<!ELEMENT IP_SET ((IP|IP_RANGE)+)>
<!ELEMENT IP (#PCDATA)>
<!ATTLIST IP network_id CDATA "0">
<!ELEMENT IP_RANGE (#PCDATA)>
<!ATTLIST IP_RANGE network_id CDATA "0">
<!-- DOMAIN_LIST -->
<!ELEMENT DOMAIN_LIST (DOMAIN+)>
<!ELEMENT DOMAIN (#PCDATA)>
<!ATTLIST DOMAIN netblock CDATA "">
<!ATTLIST DOMAIN network_id CDATA "0">
<!-- DNS_LIST -->
<!ELEMENT DNS_LIST (DNS+)>
<!ELEMENT DNS (#PCDATA)>
<!ATTLIST DNS network_id CDATA "0">
<!-- NETBIOS_LIST -->
<!ELEMENT NETBIOS_LIST (DNS+)>
<!ELEMENT NETBIOS (#PCDATA)>
<!ATTLIST NETBIOS network_id CDATA "0">
<!-- EC2_IDS -->
<!ELEMENT EC2_IDS (#PCDATA)>
<!-- HOST_IDS -->
<!ELEMENT HOST_IDS (#PCDATA)>
<!-- USER_IDS -->
<!ELEMENT USER_IDS (#PCDATA)>
<!-- UNIT_IDS -->
<!ELEMENT UNIT_IDS (#PCDATA)>
<!-- WARNING -->
<!ELEMENT WARNING (CODE?, TEXT, URL?)>
<!ELEMENT CODE (#PCDATA)>
<!ELEMENT TEXT (#PCDATA)>
<!ELEMENT URL (#PCDATA)>
<!-- EOF -->










Outcomes