Could you please tell me how I can eliminate a false positive for a specific IP . I don't want to ignore the QID for all the asset group. Where can I make that rule please ?
To ignore a QID for a specific IP, the following can be done:
1. Search the IP under Assets > Asset Search (make sure pop-ups are enabled):
2. Click the IP to view Host Information:
3. From the Vulnerabilities Section, ignore the vulnerability:
Thank you for your response. And do you know if it is effectively going to be ignored during the scan ( In scan reports that we scheduled) so that our follow up based on those reports would accurate ? Thanks
In the report template, you have the option to include or exclude ignored vulnerabilities in the Filter > Vulnerability Filter > State section. If you check the box, the ignored vulnerability WILL appear in your report. Left unchecked, the ignored vulnerability WILL NOT appear in your report.
Can you please also share the API details, like which API should we use to ignore the vulnerability from a particular host?
Please review Chapter 12 - VM Remediation Tickets (page 481) in Qualys API (VM, PC) User Guide available online here: Documentation | Qualys, Inc.
I have gone through this. Can you please give an example which API to use and what call to make?
I am not a Qualys user, I have a requirement to ignore the vulnerability via an API call from a third party system. Please help.
Retrieving data ...