Is there a way to add logic to a schedule reports not to include QIDs on the auto-generated CSV file when the Vulnerability Scan failed due to Authentication failure to a specific asset?
At this point, we schedule a vulnerability scan for for over the weekend then sometimes during the week we schedule the report to generate the CSV files. We noticed that Qualys was actually not able successfully logged in to our asset but it still generated the CSV file containing old QIDs. This is a bit tricky because it looks like new vulnerabilities we being reported even though Qualys did not actually open or re-opened any new ticket.
It should say on the report something like Qualys failed to authenticate to your asset, please investigate if ID is active.