AnsweredAssumed Answered

Qualys API calls in Powershell

Question asked by Rob Martin on Oct 7, 2016
Latest reply on Nov 20, 2016 by Tatsuya Kobayashi

Qualys API calls in Powershell

 

1. Although it’s not official documentation, the API example for PowerShell here (https://community.qualys.com/docs/DOC-4523#jive_content_id_API_v1_578493) does not include code for V2 of the API. I could not get the V1 method to work with V2.

2. It looks like in V1 we were able to use the –Credential parameter in Invoke-RestMethod but I’m not able to get that to work in V2. This method provides a secure way of passing credentials to the API whereas the method I was able to get to work in V2 only uses a Base64 encoded string. Although the data is passed via TLS/SSL I would like to use a more secure password format.

3. Attached is my working PowerShell code that queries the API for certificates and builds PSObjects for each. It seems messy to have to expand the properties for each child node in the XML and it’s kind of a pain to do this in every script that utilizes the API (not to mention the parsing method would need to change for each API). I would like to see more language specific libraries that connect to the API, build custom objects similar to what I have done, and remove parsing from the client’s task list. This way I can do something like the following:

// QAPI( api_type, api_version );
a. $certs = QualysAPI(“certificate”, “2.0”);
b. $hosts = QualysAPI(“host”, “2.0”);

and receive an array of certificate and host objects respectively. Another example would be adding methods for logging in and creating persistent sessions in PowerShell as weIl as logging out. The actual API calls should be transparent to the user.

Attachments

Outcomes