Welcome to Dashboarding and Reporting
Welcome to our Dashboarding and Reporting space. Here we will begin to collaboratively and constructively collect relevant legacy posts into a central location for ease of access, as well as adding a variety of new resources, to include but not limited to, reference documents, dashboard and widget json files, demonstration dashboards, reporting search lists, reporting methodologies and techniques, dashboard and reporting training sessions and videos, etc... So, let's get started!
Dashboard Toolbox: Dashboards and Widgets are Application Module Specific
Search Community Labels to Find Relevant Posts
Did you know you could search the labels applied to the posts within the community? Please click on a tag below to pull a list of relevant resources within our community.
New Dashboard Tags:
dashboard_ux New May 31, 2019
New VM Dashboard BETA vmdb_beta vmdb_bug vmdb_bug_fixed vmdashboard_json vmdb_patchtuesday_widget New May 22, 2019
AssetView Dashboard dashboard_assetview
New QQL Tags:
New Reporting Tags:
reporting_discrepancy New May 31, 2019
Dec 7,2018: This page contains flags to indicae when content is New, Added, and Updated. At the start of 2019, DMFezzaReed will remove the flags for Jan-Nov, 2018 to keep this page neat and tidy. Moving forward, I will maintain the flags for at least 30-days prior to the most current edit. If you have any questions, please let me know.
WARNING: At this time, Dashboard and Widget JSON files are not interchangeable between application dashboards, meaning AssetView json files may only be used in AssetView and Vulnerability Management json files may only be used in Vulnerability Management. If you make a mistake and import a json file from one application into the other, you must contact Qualys Support to have the error corrected in the database for your subscritpion. Again, there is no way to reverse this mistake within the UI, it must be done in the database.
Qualys reporting is not designed for large-scale data exports; Qualys provides custom APIs for that; Reporting is intended to generate human-readable reports, not for exporting every vulnerability from a subscription. The art of creating useful, human-readable, reports (easy to: read, understand and prioritise) is accomplished by leveraging reporting templates configured with:
- targeted assets groups and/or tags (vs All), and,
- leveraging focused search lists and/or queries.
dashboard_features dashboard_howto dashboard_ideation dashboard_toolbox vmdb_beta dashboard_assetview dashboard_query
reporting_features reporting_howto reporting_ideation reporting_toolbox
Dashboard Toolbox: Dashboarding Best Practices FAQ
|Reporting Toolbox: Reporting Best Practices FAQ |
Dashboard Toolbox: Dashboarding Best Practices FAQ
Reporting Toolbox: Reporting Best Practices FAQ
Dashboard Toolbox - New Vulnerability Management (VM) Dashboard BETA
The New Vulnerability Management (VM) Dashboard BETA program is not intended for production use, and its content is subject to modification without notice. If you have any questions regarding the content, please contact your Technical Account Manager (TAM) or Contact Support - Technical Assistance Inquiry Form | Qualys, Inc.
| REPORTING TOOLBOX: New Self-Paced Class: Reporting Strategies and Best Practices||Such Wild Differences From Asset Search and AssetView|
Dashboard Toolbox - VM DASHBOARD BETA: Issue Reporting
|Reporting Toolbox - Trust, but Verify: Focused Search Lists||Asset Discrepancy |
|Dashboard Toolbox - VM DASHBOARD BETA - Bug: Discrepancies||CVE Report ||Purging: What, why, when, how, what happens to the data? |
Dashboard Toolbox - Improving Dashboard Performance through Query Formatting
|Leveraging CVEs for Reporting and Analysis ||Understanding Entity IDs in VM |
|Dashboard Toolbox - VM DASHBOARD BETA - Bug: vulnerabilities.status token options [FIXED]||Creating a Spectre/Meltdown Search Lists, Scan Option Profile, Remediation Tracking and Patch Reports ||What's the API to list all Asset ID's |
|Dashboard Toolbox - VM DASHBOARD BETA - Bug: Vulnerability Detail Content Inaccuracies||Reporting Toolbox - Best Practice: Always Report on EOL Product QIDs ||Dashboard Toolbox - VM DASHBOARD BETA - Discrepancy: Vulnerability Query Formatting and Use of the NOT clause |
Looking for syntax, variable, and object Guide for Qualys queries
|How Do I Export Comments from Remediation Tickets? |
|Dashboard Toolbox - VM DASHBOARD BETA - Bug: vulnerabilities.vulnerability.exploitability token [OPEN]||How do I generate a report of vulnerabilities fixed in a specific period of time? |
|Dashboard Toolbox - VM DASHBOARD BETA - FYI: vulnerabilities.vulnerability.published token [OPEN]||Asset Tags: Are You Getting The Best Value? |
|Dashboard Toolbox - AssetView: EOL AssetView Widget ||Reporting Toolbox: Known Issue with Scorecard Most Vulnerable Hosts Top X Reports|
|Dashboard - Vulnerabilities by asset group |
Qualys Severity Score vs CVSS Scoring
|Dashboards and Reporting: Apache Struts RCE Vulnerabilities: CVE-2017-5638 and CVE-2018-11776 |
Exploitable unauthenticated vulnerabilities
Dashboard Toolbox - VM DASHBOARD BETA: Mapping of Dynamic Search List Criteria to Dashboard Tokens
Create Dynamic Tag finding specific aws tagged instances using API
|Dashboard Toolbox - VM DASHBOARD BETA: How to Create a Query to Track Microsoft Windows Security Update Monthly Patch Release Risk |
|Dashboard Toolbox - NEW IG QIDs for Microsoft OS...Enrich Your Queries |
Best Practice Subscription Maintenance: Opt-In Vulnerability Management Asset Housekeeping Subscription Support Options
|Dashboard Toolbox - VM DASHBOARD BETA: Total Remediated (FIXED) C/P |
Reporting Toolbox: Creating Dynamic Search Lists via APIv2
Best Practice for Executive Reporting
|Dashboard Toolbox - VM DASHBOARD BETA: Microsoft 2019 Patch Tuesday VM Dashboard New May 17, 2019|
Threat Protection Module
Simple Report "Host Not Alive"?
Reporting Toolbox: Mean Time To Remediation (Basic)
Is there a (Report Template) option to include vulnerability AGE?
Reporting Toolbox: Schema for Qualys Enterprise Reporting
Downloading Reports by Name via Python
WARNING: At this time, Dashboard and Widget JSON files are not interchangeable between application dashboards, meaning AssetView json files may only be used in AssetView and Vulnerability Management json files may only be used in Vulnerability Management. If you make a mistake and import a json file from one application into the other, you must contact Qualys Support to have the error corrected in the database for your subscription. Again, there is no way to reverse this mistake within the UI, it must be done in the database.
Dashboard Toolbox - AssetView: EOL AssetView Widget
Dashboard Toolbox - AssetView: Host Scan Time Management (v1.1)
Dashboard Toolbox - AssetView: Open Ports Management & RTI (v1.0)
Dashboard Toolbox - AssetView: Scanning Activity Management (v1.0)
Dashboard Toolbox - Asset View: How To - Import a Dashboard json
Dashboard Toolbox - AssetView: Performance Management (v1.1)
Dashboard Toolbox - AssetView: Windows Authentication Management (v1.4)
AssetView Dashboards Continued - SLAs and Management Information
This is a Qualys curated page.
Please feel free to comment and make suggestions for content below. DMFezzaReed will review and acknowledge both a minimum of once each week.
Debra M. Fezza Reed
Product SME, Dashboard and Reporting
Debra M. Fezza Reed #Dare2Dream (@SecRiskRptSME) | Twitter