Is there a way to simply add all IP's in an Asset Group to the PC Module?
I may be misreading, but what I did was just leverage the same asset groups from my Vuln scan module. Worked like a champ for me. If you need define new ones, I suggest asking your network team for all the server and workstation subnets, gathering information from your CMDB (if you have a mature one) or using the map function within Qualys. With using the map function will require you to ask folks if it is OK to do and you may want to check with your TAM first before doing so. Once you get your mapped assets, you could use this for your PC and Vuln scan asset groups. I'm a big user of PC. Works quite well for me.
Thanks for the response Josh, I will attempt to clarify...
In order to do a compliance scan on a system, I need to tell the PC module that this IP is part of it, so the method I know now, is that you find that IP under "Host Assets" and add it to the PC module. If I want to so that with a number of IP's, is there way to Select all the IP's in a particular asset group and add those IP's to the PC module.
My issue is that I have a asset group for all my Windows servers (262), when I do a PC scan on that asset group, only 183 are showing up, so I want to make sure that all IP's in that group are part of the PC module so that I can so a scan against the policy.
Hope that is clearer, thanks
Makes sense now Chris, sorry for the misread. You are certainly starting at the correct location within Qualys. I don't know a way to check that. You could always reach out to your TAM or call support.
However, the other reason why you may not getting all the data for those windows hosts is authentication. You could run an authentication report and see if the numbers match up. Also the auth report will tell you why auth is failing.
Another reason is WAN circuit speed. Make sure your default scanners are close as you can be to the hosts you need to scan. I've experienced in the past, if those "problem" hosts are on the side of a slow WAN circuit and network segment with a lot of latency, getting data back can be an issue. I have some other thoughts if you need them.
I know support at Qualys is very helpful and good about diagnosing issues.
Hopefully this helps you out.
So if I'm understanding correctly, you want to add a group IPs to the PC module without having to know what the constituent IPs are. Honestly, the easiest way would be to call into Qualys support.
Support can copy/paste the IPs in your asset group into the PC module. Also, you can -- if you so desire -- open up a feature-request to have this type of functionality added to the product.
Hope this helps.
Retrieving data ...