/api/2.0/fo/compliance/scap/arf/
[POST]
Create a SCAP scan report in Asset Reporting Format (ARF). This report is supported using PC/SCAP.
Permissions - Users must have the PC and SCAP modules enabled for the subscription. Sub-accounts (Unit Managers, Scanners and Readers) must have the "Manage compliance" permission enabled.
SCAP 1.2 Specifications from NIST
Parameter |
Description |
scan_id={value} |
(Required) The scan ID for a finished SCAP scan. |
ips={value} |
(Optional) Use this parameter if you want to include only certain IP addresses in the report. You can enter a single IP, multiple IPs and/or ranges. Multiple entries are comma separated. |
ips_network_id={value} |
(Optional and valid only when the Network Support feature is enabled and the policy has SCAP 1.2 content) Use this parameter to restrict the report’s target to the IPs specified in the “ips” parameter (“ips_network_id” is valid only when “ips” is specified in the same request). |
You’ll see the scan ID in the Qualys user interface, when viewing SCAP scan results. In the scan results window’s title bar you’ll see the report URL with its ID number in the “id” parameter, like this: https:///qualyguard.qualys.com/fo/report/fdcc/fdcc_scan_result.php?id=3362251
API request
curl -u "USERNAME:PASSWORD" -H "X-Requested-With: Curl" -X POST -d "scan_id=3362251&ips=10.10.10.1-10.10.10.10" "https://qualysapi.qualys.com/api/2.0/fo/compliance/scap/arf/"
The XML output is compliant with the ARF 1.1 Schema. Click here to view this schema