We use an API to kick off compliance scans and then report on whether or not the host is in compliance with the PC policies for our provisioning process. One thing we run into is when the report side of the process runs, we are running before Qualys has processed the results so it looks like the host fails the compliance checks. Is there a way to determine if there are compliance updates occurring for a host via the API?
# Login to API
# ($v2_server, $header and $websession are expected to be set by the login step)
# Get your $scanRef from a DB where you save it when you run a compliance scan, or enter it below
$scanRef = 'compliance/0123456789.12345'
# Get scan status before fetching
$url = 'https://' + $v2_server + '/api/2.0/fo/scan/compliance/?action=list&echo_request=0'
[xml]$status = Invoke-RestMethod -Uri $url -Method Get -Headers $header -WebSession $websession
$refStatus = $status.SCAN_LIST_OUTPUT.RESPONSE.SCAN_LIST.SCAN | Where-Object { $_.REF -eq $scanRef }
# Check that the scan state is Finished and that it has been processed before fetching the scan
if (($refStatus.STATUS.STATE -eq 'Finished') -and ($refStatus.PROCESSED -eq 1)) {
    $url = 'https://' + $v2_server + '/api/2.0/fo/scan/compliance/?action=fetch&echo_request=0&scan_ref=' + $scanRef
    $methodGET = 'GET'
    $return1 = Invoke-RestMethod -Uri $url -Method $methodGET -Headers $header -WebSession $websession
}
# Logout of API
That is what I have found.
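
The check in the answer above, turned into a polling wait so the reporting step does not run until the results are processed. This is an added example, not code from the original posts or from Qualys; the function names, the timeout and poll intervals, and the list of states treated as failed are assumptions, and the XML sample is constructed.

```powershell
# Added example: hypothetical helper names. $v2_server, $header and $websession
# are the variables from the post and must already be set by the API login.

function Get-ScanReadiness {
    # Decide from a SCAN_LIST_OUTPUT document whether $ScanRef can be fetched.
    param([xml]$ScanList, [string]$ScanRef,
          # Assumption: states treated as "will never finish"; check your API docs.
          [string[]]$FailedStates = @('Canceled', 'Error'))
    $scan = $ScanList.SCAN_LIST_OUTPUT.RESPONSE.SCAN_LIST.SCAN |
        Where-Object { $_.REF -eq $ScanRef }
    if (-not $scan) { return 'NotListed' }
    $state = $scan.STATUS.STATE
    if ($FailedStates -contains $state) { return 'Failed' }
    if ($state -eq 'Finished' -and $scan.PROCESSED -eq 1) { return 'Ready' }
    return 'Pending'   # still running, or finished but results not yet processed
}

function Wait-ComplianceScan {
    # Poll the scan list until the scan is ready, has failed, or the timeout expires.
    param([string]$ScanRef, [int]$TimeoutSeconds = 1800, [int]$PollSeconds = 60)
    $listUrl = 'https://' + $v2_server + '/api/2.0/fo/scan/compliance/?action=list&echo_request=0'
    $deadline = (Get-Date).AddSeconds($TimeoutSeconds)
    do {
        [xml]$list = Invoke-RestMethod -Uri $listUrl -Method Get -Headers $header -WebSession $websession
        $readiness = Get-ScanReadiness -ScanList $list -ScanRef $ScanRef
        if ($readiness -ne 'Pending') { return $readiness }
        Start-Sleep -Seconds $PollSeconds
    } while ((Get-Date) -lt $deadline)
    return 'TimedOut'
}

# Constructed sample response: scan finished but results not yet processed.
[xml]$sample = @'
<SCAN_LIST_OUTPUT><RESPONSE><SCAN_LIST>
  <SCAN><REF>compliance/0123456789.12345</REF>
    <STATUS><STATE>Finished</STATE></STATUS><PROCESSED>0</PROCESSED></SCAN>
</SCAN_LIST></RESPONSE></SCAN_LIST_OUTPUT>
'@
Get-ScanReadiness -ScanList $sample -ScanRef 'compliance/0123456789.12345'
```

In the provisioning flow, only a `Ready` result should lead to the fetch and the compliance report; `Pending`, `TimedOut` and `NotListed` mean the result is not known yet rather than that the host failed.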