Has anyone used API to back up their Qualys system?
What do mean by 'Back up'?
Recently we had an issue with our reporting failed because tags lost their assets. It took me a 2 weeks to present to get them back correct. I was new to the system, took on a role that was handled by someone that retired, all tags were customized on per person basis as to what assets were handled by application admin and OS admin. Me being new I was able to get them up and running very quick because needless to say that person retired. So, we are still working on some glitches and we have an architect working on our case. We were made aware that there is no back up no reverting back to snapshot for issues such as these. So, in turn I've been backing up the system with csv's into their rightful folder that were made to mimic the way Qualys is formatted. However, i have to do this everyday; so i wanted to set up an API or either some kind of Cron job to back it up, so i don't have to manually do this every day and we can at least have the documentation available in case this happens again.
Can you post your current process for pulling these CSVs?
Its very simple, all I do is pull up Qualys and two instances of file manager. I have set up a mock of Qualys in folder format. 1. Go to vulnerability management in Qualys
2. Go to my vulnerability management in my folders
3. Go back to Qualys VM
-filters - Vulnerability Scans
-Go to New-download
-download to CSV
*each filter has its own folder, I just drag and drop the csv in each of the folders. So cans has two that are important to us. Vulnerability scans, and finished scans (which each has their folders)
4.Go to the Maps-download-go to the folders- drag and drop
5. Go to schedule's- go to each filter (scan tasks and active tasks)-go to new- download drag and drop in its folder
**I do this for each tap, under scans, reports, remediation, assets, and users(just in case ive added new users)
****Then I go to Asset view and download all assets into csv drag and drop in its folder, as well as the tags.Very repetitive.
I forwarded this thread to your TAM, who I think can help you rationalize your processes with Qualys.
Thank you, hes aware of our process; I actually asked the architect that is working our case; and he included my TAM as well. I was wondering if anyone else used something to backup manually too.
Short answer is Yes you can do what you want with the API. Here is link to the Qulays documentation Documentation | Qualys, Inc. You should see the "API Guides" there.
I recommend looking under the Quick guide and Scans, Scheduled Scans and the Asset Management and Tagging API (I don't really use tagging so you are on your own there):
@sam friday Thank you for the information. If you don't use tagging how do you do your reporting just curious also what is the difference between api v1 and v2?
Asset Groups to run reports. Unsure of all the API differences. (lot of it has to do with the authentication, calls and format of the return) Yet, I find v2 to be easier to deal with.
Retrieving data ...