Qualys Vulnerability Scan - Export Results

ZeroNorth Experts
, ,
1

Suggested reading: ZeroNorth’s Supported Execution Modes

Overview

Exporting Qualys scan results XML File for import into ZeroNorth. If you have existing Qualys Vulnerability (host/network) scans and would like to import that data into ZeroNorth for viewing the data in the various ZeroNorth dashboard along with related Issues, follow the steps below.

Exporting the Results XML from Qualys

Step 1 - Generate a Template

  1. Navigate to Reports > Templates > Scan Template .
  2. Enter a report name (e.g. “ZN-VM-template”).
  3. Findings:
  • Host Based Findings
  • Choose Host Targets > Asset Groups > All .
  • Cloud Agent including is optiona.
  1. Display (check the following):
  • Summary of Vulnerabilities > Text Summary
  • Uncheck all Graphics.
  • Sort By > Host
  • Display Host Details > Host Details
  • Include the following detailed results in the report:
    • All options
  1. Filter:
  • Select Vulnerability Reporting > Complete .
  • Vulnerability filters:
    • Status - check all statuses.
    • State - check all “Active”.
  • All other filters/Svcs & Ports/Access settings are optional.
  1. Click Save .

Step 2 - Generate the Report

  1. Go to Reports > Reports > New > Template Based Scan Report .
  2. Enter a Name for the report.
  3. Report Template - select the template you created the above step.
  4. Report Format - “Extensible Markup Language (XML)”
  5. Report Source - select the assets you want to report on (by Tag or by IP).
  6. Run the report.
  7. Save the reports as an XML file with a desired name.

Importing the Qualys XML file to ZeroNorth

This is done by performing an upload of the file to ZeroNorth. The scanning-tool-independent procedure for this is described the related KB article Manual Upload of Scan Results .