Dashboarding and Reporting

Document created by DMFezzaReed Employee on Jun 20, 2018Last modified by DMFezzaReed Employee on Mar 21, 2019
Version 89Show Document
  • View in full screen mode

Welcome to Dashboarding and Reporting

 

Welcome to our Dashboarding and Reporting space.  Here we will begin to collaboratively and constructively collect relevant legacy posts into a central location for ease of access, as well as adding a variety of new resources, to include but not limited to, reference documents, dashboard and widget json files, demonstration dashboards, reporting search lists, reporting methodologies and techniques, dashboard and reporting training sessions and videos, etc...  So, let's get started!

 

Dashboard Toolbox: Dashboards and Widgets are Application Module Specific 

 

Search Community Labels to Find Relevant Posts

Did you know you could search the labels applied to the posts within the community? Please click on a tag below to pull a list of relevant resources within our community.

 

New Dashboard Tags:

dashboard_ideation

dashboard_toolbox

dashboard_howto

dashboard_features 

dashboard_query 

dashboard_discrepancy New Feb 13, 2019

New VM Dashboard BETA vmdb_beta vmdb_bug  vmdb_bug_fixed  

       AssetView Dashboard dashboard_assetview

 

New QQL Tags:

qql_bug 

qql_bug_fixed 

 

 

New Reporting Tags:

reporting_ideation

reporting_toolbox

reporting_howto

reporting_features 

Dec 7,2018: This page contains flags to indicae when content is New, Added, and Updated.  At the start of 2019, DMFezzaReed will remove the flags for Jan-Nov, 2018 to keep this page neat and tidy. Moving forward, I will maintain the flags for at least 30-days prior to the most current edit.  If you have any questions, please let me know.

                      

Training Resources

 

Recommended Resources

WARNING:  At this time, Dashboard and Widget JSON files are not interchangeable between application dashboards, meaning AssetView json files may only be used in AssetView and Vulnerability Management json files may only be used in Vulnerability Management.  If you make a mistake and import a json file from one application into the other, you must contact Qualys Support to have the error corrected in the database for your subscritpion.  Again, there is no way to reverse this mistake within the UI, it must be done in the database.

                                    

Qualys reporting is not designed for large-scale data exports; Qualys provides custom APIs for that; Reporting is intended to generate human-readable reports, not for exporting every vulnerability from a subscription. The art of creating useful, human-readable, reports (easy to: read, understand and prioritise) is accomplished by leveraging reporting templates configured with:   

  • targeted assets groups and/or tags (vs All), and, 
  • leveraging focused search lists and/or queries.          
  •             
            

Dashboarding

dashboard_features dashboard_howto dashboard_ideation dashboard_toolbox vmdb_beta  dashboard_assetview dashboard_query

Reporting

reporting_features reporting_howto reporting_ideation reporting_toolbox

Discrepancy Management

discrepancy_mgmt

 Dashboard Toolbox: Dashboarding Best Practices FAQ New Jan 9, 2019

Reporting Toolbox: Reporting Best Practices FAQ New Jan 9, 2019

Dashboard Toolbox: Dashboarding Best Practices FAQ 

Reporting Toolbox: Reporting Best Practices FAQ 

Dashboard Toolbox - New Vulnerability Management (VM) Dashboard BETA   Updated Feb 12, 2019

The New Vulnerability Management (VM) Dashboard BETA program is not intended for production use, and its content is subject to modification without notice. If you have any questions regarding the content, please contact your Technical Account Manager (TAM) or Contact Support - Technical Assistance Inquiry Form | Qualys, Inc.                     

                                                                                        
 REPORTING TOOLBOX: New Self-Paced Class: Reporting Strategies and Best PracticesSuch Wild Differences From Asset Search and AssetView

Dashboard Toolbox - VM DASHBOARD BETA: Issue Reporting 

Reporting Toolbox - Trust, but Verify: Focused Search ListsAsset Discrepancy 
Dashboard Toolbox - VM DASHBOARD BETA - Bug: DiscrepanciesCVE Report Purging: What, why, when, how, what happens to the data? 

Dashboard Toolbox - Improving Dashboard Performance through Query Formatting

Leveraging CVEs for Reporting and Analysis Understanding Entity IDs in VM 
Dashboard Toolbox - VM DASHBOARD BETA - Bug: vulnerabilities.status token options [FIXED]Creating a Spectre/Meltdown Search Lists, Scan Option Profile, Remediation Tracking and Patch Reports What's the API to list all Asset ID's 
Dashboard Toolbox - VM DASHBOARD BETA - Bug: Vulnerability Detail Content InaccuraciesReporting Toolbox - Best Practice: Always Report on EOL Product QIDs Dashboard Toolbox - VM DASHBOARD BETA - Discrepancy: Vulnerability Query Formatting and Use of the NOT clause New Feb 13, 2019

Looking for syntax, variable, and object Guide for Qualys queries 

How Do I Export Comments from Remediation Tickets?  
Dashboard Toolbox - VM DASHBOARD BETA - Bug: vulnerabilities.vulnerability.exploitability token [OPEN]How do I generate a report of vulnerabilities fixed in a specific period of time? 
Dashboard Toolbox - VM DASHBOARD BETA - FYI: vulnerabilities.vulnerability.published token [OPEN]Asset Tags: Are You Getting The Best Value? 
Dashboard Toolbox - AssetView: EOL AssetView Widget Reporting Toolbox: Known Issue with Scorecard Most Vulnerable Hosts Top X Reports
Dashboard - Vulnerabilities by asset group 

Qualys Severity Score vs CVSS Scoring  

 

Dashboards and Reporting: Apache Struts RCE Vulnerabilities: CVE-2017-5638 and CVE-2018-11776 

Exploitable unauthenticated vulnerabilities  

Dashboard Toolbox - VM DASHBOARD BETA: Mapping of Dynamic Search List Criteria to Dashboard Tokens  

Create Dynamic Tag finding specific aws tagged instances using API 

Dashboard Toolbox - VM DASHBOARD BETA: How to Create a Query to Track Microsoft Windows Security Update Monthly Patch Release Risk 

Emailing Reports 

Dashboard Toolbox - NEW IG QIDs for Microsoft OS...Enrich Your Queries 

Best Practice Subscription Maintenance: Opt-In Vulnerability Management Asset Housekeeping Subscription Support Options 

Dashboard Toolbox - VM DASHBOARD BETA: Total Remediated (FIXED) C/P New Mar 21, 2019

Reporting Toolbox: Creating Dynamic Search Lists via APIv2 

Best Practice for Executive Reporting 

Threat Protection Module 

Simple Report "Host Not Alive"? 

Reporting Toolbox: Mean Time To Remediation (Basic)  

Is there a (Report Template) option to include vulnerability AGE?  

Reporting Toolbox: Schema for Qualys Enterprise Reporting 

Downloading Reports by Name via Python Added Jan 9, 2019

 

WARNING:  At this time, Dashboard and Widget JSON files are not interchangeable between application dashboards, meaning AssetView json files may only be used in AssetView and Vulnerability Management json files may only be used in Vulnerability Management.  If you make a mistake and import a json file from one application into the other, you must contact Qualys Support to have the error corrected in the database for your subscription.  Again, there is no way to reverse this mistake within the UI, it must be done in the database.

                                

 

AssetView Dashboards: 

Dashboard Toolbox - AssetView: EOL AssetView Widget 

Dashboard Toolbox - AssetView: Host Scan Time Management (v1.1) 

Dashboard Toolbox - AssetView: Open Ports Management & RTI (v1.0) 

Dashboard Toolbox - AssetView: Scanning Activity Management (v1.0) 

Dashboard Toolbox - Asset View: How To - Import a Dashboard json 

Dashboard Toolbox - AssetView: Performance Management (v1.0) 

Dashboard Toolbox - AssetView: Windows Authentication Management (v1.3) 

AssetView Dashboards Continued - SLAs and Management Information Added Feb 12, 2019

 

 

 

 

Please feel free to comment and make suggestions for content below.  DMFezzaReed will review and acknowledge both a minimum of once each week.

1 person found this helpful

Attachments

    Outcomes