I am still new to Qualys and I had a question that I was hoping you could answer which is: How would I be able to create an authentication report showing all the Linux and Windows devices that have failed authentication?
Then you would indicate New Authentication Report. Then you limit by business unit, asset groups IP or Asset Tags.
Let me know if you need additional information.
If your trying to do a report on a particular Authentication record you can go to the authentication TAB and select details next to one of your records on the far right.
Most users run an auth report to determine whether Qualys can correctly scan each host asset; however, auth does not provide a full picture. MS Windows for instance, requires registry access, as well as having the proper privilege to access the registry and necessary files. On top of that we have seen occasional additional issues (SMB protocol related??) which prevent proper scanning. Does Qualys provide any canned report to indicate which host assets it has trouble [authenticated] scanning, or is it necessary for each customer to create their own custom reports using INFO QIDs?
Should be easy for a Qualys template to be developed; I would be happy to test as I am doing something similar in my code checking for other QIDs besides just authentication succeeded.
Retrieving data ...