AnsweredAssumed Answered

Automate the scan and report with WAS API

Question asked by kiran dachiraju on Jan 28, 2018
Latest reply on Jan 29, 2018 by kiran dachiraju

Hi All,

 

I am trying to do automate the launch scan, generate report for WAS module via API, I have individual python scripts to launch scan, generate report, those scripts are working fine but I have to combine the individual scripts as one means after scan completes it has to generate the custom report automatically. The sample script provided by Parag was good exapmle for VM API, I tried same way but missing the logic, I am not expert in python, could some one help me out. Below are the scripts.

 

Launch scan:
import lxml.objectify
from lxml.builder import E
import qualysapi
import requests
qgc = qualysapi.connect()
call = '/launch/was/wasscan'
parameters = '<ServiceRequest><data><WasScan><name>Vulnerability Scan launched from API</name><type>VULNERABILITY</type><target><webApp><id>12345</id></webApp><webAppAuthRecord><isDefault>true</isDefault></webAppAuthRecord><scannerAppliance><type>EXTERNAL</type><friendlyName>External</friendlyName></scannerAppliance></target><profile><id>12345</id></profile></WasScan></data></ServiceRequest>'
xml_output = qgc.request(call, parameters)
print xml_output

 

Generate Report:
import lxml.objectify
from lxml.builder import E
import qualysapi
import requests
qgc = qualysapi.connect()
call = '/create/was/report'
parameters = '<ServiceRequest><data><Report><name>Web_App_Report</name><description><![CDATA[A web application report]]></description><type>WAS_WEBAPP_REPORT</type><format>PDF</format><config><webAppReport><target><tags><included><option>ALL</option><tagList><Tag><id>12345</id></Tag></tagList></included></tags></target></webAppReport></config><template><id>12345</id></template></Report></data></ServiceRequest>'
xml_output = qgc.request(call, parameters)
print xml_output

Outcomes