AnsweredAssumed Answered

What's wrong with this scan launch API call?

Question asked by David White on Jul 29, 2015
Latest reply on Jul 31, 2015 by David White

I've created an asset group (called "DavidTestGroup") that has 8 IP addresses in it, from 10.1.1.1 to 10.1.1.8.  I've also associated an internal scanner with the asset group.

 

If I launch a scan like this:

 

curl -m 900 -H "X-Requested-With: Curl" -u '<user>:<password>' -X POST -d 'action=launch&scan_title=MyTest&option_title=ShellshockScan&ip=10.1.1.1-10.1.1.8' 'https://qualysapi.qualys.com/api/2.0/fo/scan/'

 

then everything works fine, and I get back a valid scan reference.  However if I launch like this:

 

curl -m 900 -H "X-Requested-With: Curl" -u '<user>:<password>' -X POST -d 'action=launch&scan_title=MyTest&option_title=ShellshockScan&asset_groups=DavidTestGroup' 'https://qualysapi.qualys.com/api/2.0/fo/scan/'


then the Curl process just sits there, until 5 minutes later I get back:


* SSL read: errno -5961

* Closing connection #0

curl: (56) SSL read: errno -5961


Can anyone help me understand why this scan is working with the hardcoded IPs, but not the asset group that contains those IPs?  Or why I'm not even getting an error message, but instead Qualys is just timing out?  (the asset group is owned by the same user running the API call, and I also tried it using asset_group_ids, but the outcome was the same.)


Thanks to anyone who can help!

Outcomes