WillB

QualysGuard WAS 3.6 API Release Notification

Blog Post created by WillB on Aug 19, 2014

A new release of QualysGuard WAS, Version 3.6 which includes an API update, is targeted for release in late September.

 

This API notification provides an early preview into the coming API changes in QualysGuard WAS 3.6, allowing you to proactively identify any changes that might be required for your automated scripts or programs that utilize the API methods.  One API modification in this release may impact existing API implementations and requires a 30-day notification.  Additional API features that are new will be included at a later date, along with additional details and examples.

 

Full release notes will be available to customers on the day of the release. 

 

API Enhancements

 

Updates to Schedules API

 

We updated the XSD of the schedule API to provide new information about each schedule’s last scan date.  The lastScan element was added to the WasScanSchedule object to represent the last scan.

 

Update to WasScanSchedule.xsd:

 

<complexType name="WasScanSchedule">
  <sequence>
    <element name="id" type="long" />
    <element name="name" type="qcommon:Cdata" />
    <element name="owner" type="Q1:User" />
    <element name="active" type="boolean" />
    <element name="type" type="Q1:WasScanType" />
    <element name="target" type="Q1:WasScanTarget" />
    <element name="profile" type="Q1:WasScanOptionProfile" />
    <element name="scheduling" type="Q1:SchedulePlanification" />
    <element name="notification" type="Q1:ScheduleNotification" />
    <element name="nextLaunchDate" type="dateTime" />
    <element name="launchedCount" type="long" />
    <element name="lastScan" type="Q1:WasScan" />
    <element name="createdDate" type="dateTime" />
    <element name="createdBy" type="Q1:User" />
    <element name="updatedDate" type="dateTime" />
    <element name="updatedBy" type="Q1:User" />
  </sequence>
</complexType>
















 

 

Schedule API – GET

We’ve updated the Schedule GET API (<baseURL>/qps/rest/3.0/get/was/wasscanschedule).

 

Example API call:

curl -s -k -H 'Content-type: text/xml' -H 'user: quays_xx2' -H 'password: demoxx' 'http://demoapi.qa.qualys.com/qps/rest/3.0/get/was/schedule/93264000'

 

Response:

<?xml version="1.0" encoding="UTF-8"?>
<ServiceResponse xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="http://platd-papi01.qa.qualys.com:50012/qps/xsd/3.0/was/schedule.xsd">
  <responseCode>SUCCESS</responseCode>
  <count>1</count>
  <data>
    <WasScanSchedule>
      <id>93264000</id>
      <name><![CDATA[Web Application Vulnerability Scan - Test with Sched - 2014-May-02]]></name>
      <owner>
        <id>334527</id>
        <username>quays_xx2</username>
        <firstName><![CDATA[demoFirstName]]></firstName>
        <lastName><![CDATA[demoLastName]]></lastName>
      </owner>
      <active>false</active>
      <type>VULNERABILITY</type>
      <target>
        <webApp>
          <id>1065774000</id>
          <name><![CDATA[Test with Sched]]></name>
          <url><![CDATA[http://10.10.1.100]]></url>
        </webApp>
        <scannerAppliance>
          <type>EXTERNAL</type>
        </scannerAppliance>
      </target>
      <profile>
        <id>59426</id>
        <name><![CDATA[30 links]]></name>
      </profile>
      <scheduling>
        <startDate>2014-05-02T11:59:00Z</startDate>
        <timeZone>
          <code>America/Dawson</code>
          <offset>-07:00</offset>
        </timeZone>
        <occurrenceType>DAILY</occurrenceType>
        <occurrence>
          <dailyOccurrence>
            <everyNDays>1</everyNDays>
          </dailyOccurrence>
        </occurrence>
      </scheduling>
      <notification>
        <active>false</active>
        <reschedule>false</reschedule>
        <delay>
          <nb>1</nb>
          <scale>DAY</scale>
        </delay>
        <message><![CDATA[A QualysGuard scan is scheduled to start soon.]]></message>
      </notification>
      <launchedCount>2</launchedCount>
      <lastScan>
        <id>14930848885</id>
        <name><![CDATA[Web Application Vulnerability Scan - Test with Sched - 2014-May-02]]></name>
        <reference>was/1399921142279.127704</reference>
        <launchedDate>2014-05-12T18:59:01Z</launchedDate>
        <status>FINISHED</status>
        <scanDuration>129</scanDuration>
      </lastScan>
      <createdDate>2014-05-02T18:55:49Z</createdDate>
      <createdBy>
        <id>334527</id>
        <username>quays_xx2</username>
        <firstName><![CDATA[demoFirstName]]></firstName>
        <lastName><![CDATA[demoLastName]]></lastName>
      </createdBy>
      <updatedDate>2014-05-13T18:59:01Z</updatedDate>
      <updatedBy>
        <id>334527</id>
        <username>quays_hv2</username>
        <firstName><![CDATA[demoFirstName]]></firstName>
        <lastName><![CDATA[demoLastName]]></lastName>
      </updatedBy>
    </WasScanSchedule>
  </data>
</ServiceResponse>












 

Schedule API – SEARCH

We’ve updated the Schedule Search API (<baseURL>/qps/rest/3.0/search/was/wasscanschedule).

 

API request:

New filters are available as input parameters.

  • lastScan - List schedules (with operator=NONE)
  • lastScan.launchedDate - Search schedules based on their last scan date
  • lastScan.status - Search schedules based on their last scan status

 

Example API Call:

cat search_schedule.xml | curl -s -k -X POST -H 'Content-type: text/xml' -H 'user: quays_xx2' -H 'password: demo' -d @- 'http://demoapi.qa.qualys.com/qps/rest/3.0/search/was/schedule/'

 

Contents of search_schedule.xml:

<ServiceRequest>
        <filters>
                <Criteria field="lastScan" operator="NONE"></Criteria>
        </filters>
</ServiceRequest>



Response:

<?xml version="1.0" encoding="UTF-8"?>
<ServiceResponse xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="http://demoapi.qa.qualys.com/qps/xsd/3.0/was/schedule.xsd">
  <responseCode>SUCCESS</responseCode>
  <count>1</count>
  <hasMoreRecords>false</hasMoreRecords>
  <data>
    <WasScanSchedule>
      <id>171425669</id>
      <name><![CDATA[Web Application Vulnerability Scan - 2014-Aug-19]]></name>
      <owner>
        <id>8792415669</id>
      </owner>
      <active>false</active>
      <type>VULNERABILITY</type>
      <target>
        <webApp>
          <id>1296335669</id>
          <name><![CDATA[Copy of New WA 1]]></name>
          <url><![CDATA[http://10.10.1.100]]></url>
        </webApp>
        <webAppAuthRecord>
          <id>175535669</id>
          <name><![CDATA[AR1]]></name>
        </webAppAuthRecord>
        <scannerAppliance>
          <type>EXTERNAL</type>
        </scannerAppliance>
      </target>
      <profile>
        <id>716315669</id>
        <name><![CDATA[Copy of Initial WAS Options]]></name>
      </profile>
      <scheduling>
        <startDate>2014-08-19T12:30:00Z</startDate>
        <timeZone>
          <code>America/Dawson</code>
          <offset>-07:00</offset>
        </timeZone>
        <occurrenceType>ONCE</occurrenceType>
      </scheduling>
      <createdDate>2014-08-19T19:30:49Z</createdDate>
      <updatedDate>2014-08-19T19:30:50Z</updatedDate>
    </WasScanSchedule>
  </data>
</ServiceResponse>


 

Example API Call:

cat search_schedule.xml | curl -s -k -X POST -H 'Content-type: text/xml' -H 'user: quays_xx2' -H 'password: demo' -d @- 'http://demoapi.qa.qualys.com/qps/rest/3.0/search/was/schedule/'

 

Contents of search_schedule.xml:

<ServiceRequest>
        <filters>
        <Criteria field="lastScan.status" operator="IN">FINISHED,ERROR</Criteria>
        <Criteria field="lastScan.launchedDate" operator="LESSER">2014-08-19</Criteria>
        </filters>
</ServiceRequest>



Response:

<?xml version="1.0" encoding="UTF-8"?>
<ServiceResponse xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="http://demoapi.qa.qualys.com/qps/xsd/3.0/was/schedule.xsd">
  <responseCode>SUCCESS</responseCode>
  <count>6</count>
  <hasMoreRecords>false</hasMoreRecords>
  <data>
    <WasScanSchedule>
      <id>6527</id>
      <name><![CDATA[Sched Scan - New Webapp in 2.2.1]]></name>
      <owner>
        <id>334527</id>
      </owner>
      <active>false</active>
      <type>VULNERABILITY</type>
      <target>
        <webApp>
          <id>95933</id>
          <name><![CDATA[New Webapp in 2.2.1]]></name>
          <url><![CDATA[http://10.10.1.100]]></url>
        </webApp>
        <webAppAuthRecord>
          <id>8753</id>
          <name><![CDATA[AR1]]></name>
        </webAppAuthRecord>
        <scannerAppliance>
          <type>EXTERNAL</type>
        </scannerAppliance>
      </target>
      <profile>
        <id>59426</id>
        <name><![CDATA[30 links]]></name>
      </profile>
      <scheduling>
        <startDate>2014-02-06T12:42:00Z</startDate>
        <timeZone>
          <code>America/Dawson</code>
          <offset>-07:00</offset>
        </timeZone>
        <occurrenceType>DAILY</occurrenceType>
        <occurrence>
          <dailyOccurrence>
            <everyNDays>1</everyNDays>
          </dailyOccurrence>
        </occurrence>
      </scheduling>
      <lastScan>
        <id>1485287</id>
        <launchedDate>2014-02-19T20:42:01Z</launchedDate>
        <status>FINISHED</status>
      </lastScan>
      <createdDate>2014-02-06T20:39:07Z</createdDate>
      <updatedDate>2014-02-20T20:42:01Z</updatedDate>
    </WasScanSchedule>
    <WasScanSchedule>
      <id>93264000</id>
      <name><![CDATA[Web Application Vulnerability Scan - Test with Sched - 2014-May-02]]></name>
      <owner>
        <id>334527</id>
      </owner>
      <active>false</active>
      <type>VULNERABILITY</type>
      <target>
        <webApp>
          <id>1065774000</id>
          <name><![CDATA[Test with Sched]]></name>
          <url><![CDATA[http://10.10.10.10]]></url>
        </webApp>
        <scannerAppliance>
          <type>EXTERNAL</type>
        </scannerAppliance>
      </target>
      <profile>
        <id>59426</id>
        <name><![CDATA[30 links]]></name>
      </profile>
      <scheduling>
        <startDate>2014-05-02T11:59:00Z</startDate>
        <timeZone>
          <code>America/Dawson</code>
          <offset>-07:00</offset>
        </timeZone>
        <occurrenceType>DAILY</occurrenceType>
        <occurrence>
          <dailyOccurrence>
            <everyNDays>1</everyNDays>
          </dailyOccurrence>
        </occurrence>
      </scheduling>
      <lastScan>
        <id>14930848885</id>
        <launchedDate>2014-05-12T18:59:01Z</launchedDate>
        <status>FINISHED</status>
      </lastScan>
      <createdDate>2014-05-02T18:55:49Z</createdDate>
      <updatedDate>2014-05-13T18:59:01Z</updatedDate>
    </WasScanSchedule>
    <WasScanSchedule>
      <id>95274000</id>
      <name><![CDATA[Sched Notification Test 2]]></name>
      <owner>
        <id>334527</id>
      </owner>
      <active>false</active>
      <type>VULNERABILITY</type>
      <target>
        <webApp>
          <id>95738</id>
          <name><![CDATA[NWS Test]]></name>
          <url><![CDATA[http://demoapp.vuln.qa.qualys.com:8081]]></url>
        </webApp>
        <scannerAppliance>
          <type>EXTERNAL</type>
        </scannerAppliance>
      </target>
      <profile>
        <id>59426</id>
        <name><![CDATA[30 links]]></name>
      </profile>
      <scheduling>
        <startDate>2014-05-02T16:14:00Z</startDate>
        <timeZone>
          <code>America/Dawson</code>
          <offset>-07:00</offset>
        </timeZone>
        <occurrenceType>DAILY</occurrenceType>
        <occurrence>
          <dailyOccurrence>
            <everyNDays>1</everyNDays>
          </dailyOccurrence>
        </occurrence>
      </scheduling>
      <lastScan>
        <id>14932848885</id>
        <launchedDate>2014-05-12T23:14:02Z</launchedDate>
        <status>FINISHED</status>
      </lastScan>
      <createdDate>2014-05-02T23:07:48Z</createdDate>
      <updatedDate>2014-05-13T23:14:05Z</updatedDate>
    </WasScanSchedule>
    <WasScanSchedule>
      <id>97354000</id>
      <name><![CDATA[Test Sched Notification (May 7 GMT)]]></name>
      <owner>
        <id>334527</id>
      </owner>
      <active>false</active>
      <type>VULNERABILITY</type>
      <target>
        <webApp>
          <id>1061764000</id>
          <name><![CDATA[Blacklist New Scan Settings check]]></name>
          <url><![CDATA[http://10.10.1.100]]></url>
        </webApp>
        <webAppAuthRecord>
          <id>8753</id>
          <name><![CDATA[AR1]]></name>
        </webAppAuthRecord>
        <scannerAppliance>
          <type>EXTERNAL</type>
        </scannerAppliance>
      </target>
      <profile>
        <id>55784</id>
        <name><![CDATA[Initial WAS Options]]></name>
      </profile>
      <scheduling>
        <startDate>2014-05-06T18:22:00Z</startDate>
        <timeZone>
          <code>America/Dawson</code>
          <offset>-07:00</offset>
        </timeZone>
        <occurrenceType>DAILY</occurrenceType>
        <occurrence>
          <dailyOccurrence>
            <everyNDays>1</everyNDays>
          </dailyOccurrence>
        </occurrence>
      </scheduling>
      <lastScan>
        <id>14929668885</id>
        <launchedDate>2014-05-12T01:22:02Z</launchedDate>
        <status>FINISHED</status>
      </lastScan>
      <createdDate>2014-05-06T23:17:23Z</createdDate>
      <updatedDate>2014-05-13T01:22:02Z</updatedDate>
    </WasScanSchedule>
    <WasScanSchedule>
      <id>99314000</id>
      <name><![CDATA[Sched Sanity Test (May 7)]]></name>
      <owner>
        <id>334528</id>
      </owner>
      <active>false</active>
      <type>VULNERABILITY</type>
      <target>
        <webApp>
          <id>1083684000</id>
          <name><![CDATA[BlackList Test (as-is)]]></name>
          <url><![CDATA[http://10.10.1.100]]></url>
        </webApp>
        <scannerAppliance>
          <type>EXTERNAL</type>
        </scannerAppliance>
      </target>
      <profile>
        <id>55784</id>
        <name><![CDATA[Initial WAS Options]]></name>
      </profile>
      <scheduling>
        <startDate>2014-05-07T15:52:00Z</startDate>
        <timeZone>
          <code>America/Dawson</code>
          <offset>-07:00</offset>
        </timeZone>
        <occurrenceType>DAILY</occurrenceType>
        <occurrence>
          <dailyOccurrence>
            <everyNDays>1</everyNDays>
          </dailyOccurrence>
        </occurrence>
      </scheduling>
      <nextLaunchDate>2014-08-13T22:52:00Z</nextLaunchDate>
      <lastScan>
        <id>14930878885</id>
        <launchedDate>2014-05-12T22:52:02Z</launchedDate>
        <status>FINISHED</status>
      </lastScan>
      <createdDate>2014-05-07T22:49:51Z</createdDate>
      <updatedDate>2014-08-13T20:15:05Z</updatedDate>
    </WasScanSchedule>
    <WasScanSchedule>
      <id>99324000</id>
      <name><![CDATA[Sched Sanity Test - w/ notification (May 7)]]></name>
      <owner>
        <id>334527</id>
      </owner>
      <active>false</active>
      <type>VULNERABILITY</type>
      <target>
        <webApp>
          <id>1083684000</id>
          <name><![CDATA[BlackList Test (as-is)]]></name>
          <url><![CDATA[http://10.10.1.100]]></url>
        </webApp>
        <webAppAuthRecord>
          <id>8753</id>
          <name><![CDATA[AR1]]></name>
        </webAppAuthRecord>
        <scannerAppliance>
          <type>EXTERNAL</type>
        </scannerAppliance>
      </target>
      <profile>
        <id>55784</id>
        <name><![CDATA[Initial WAS Options]]></name>
      </profile>
      <scheduling>
        <startDate>2014-05-07T16:15:00Z</startDate>
        <timeZone>
          <code>America/Dawson</code>
          <offset>-07:00</offset>
        </timeZone>
        <occurrenceType>DAILY</occurrenceType>
        <occurrence>
          <dailyOccurrence>
            <everyNDays>1</everyNDays>
          </dailyOccurrence>
        </occurrence>
      </scheduling>
      <nextLaunchDate>2014-08-15T23:15:00Z</nextLaunchDate>
      <lastScan>
        <id>14932858885</id>
        <launchedDate>2014-05-12T23:15:00Z</launchedDate>
        <status>FINISHED</status>
      </lastScan>
      <createdDate>2014-05-07T23:04:37Z</createdDate>
      <updatedDate>2014-08-15T01:02:18Z</updatedDate>
    </WasScanSchedule>
  </data>
</ServiceResponse>


 

 

What is the <baseurl>?

 

This is the API server URL where your QualysGuard account is located. For an account on US Platform 1, this is <qualysapi.qualys.com>; on US Platform 2, this is <qualysapi.qg2.apps.qualys.com>; on EU Platform, this is <qualysapi.qualys.eu>.

Outcomes