Get Ticket Info


View remediation ticket information from the user’s account that can be integrated with third-party applications. Only remediation tickets that the user has permission to view are returned in the resulting ticket information report.

Basic HTTP authentication is required. Session based authentication is not supported using this API.

Qualys recommends that you run the get_tickets.php function two times a day, so that ticket updates due to the latest scan results and user productivity are made available in the ticket information reports.

Permissions - Managers can view all tickets in subscription. Unit Managers can view tickets for IP addresses in their same business unit. Scanners and Readers can view tickets for IP addresses in their own account.

Input Parameters




(Optional) Specifies ticket numbers for which ticket information will be retrieved. Ticket numbers are integers, assigned by the service automatically. A maximum of 1,000 ticket numbers may be specified. Multiple ticket numbers are comma separated.

This parameter or since must be specified.


(Optional) Specifies the start date/time of the time window for retrieving tickets. Only tickets that have been updated within this time window will be retrieved. The end date/time of the time window for retrieving tickets is the date/time when get_tickets.php is run.

The start date/time is specified in YYYY-MM-DDTHH:MM:SSZ format (UTC/GMT), like “2018-05-10T02:33:11Z”.

This parameter or ticket_numbers must be specified.


(Optional) Specifies the current state of tickets to be retrieved. A valid value is OPEN, RESOLVED, or CLOSED. If unspecified, tickets with all states are retrieved.


(Optional) Specifies whether vulnerability details will be retrieved. By default, vulnerability details will not be retrieved. To retrieve vulnerability details, specify vuln_details=1.

Vulnerability details include a description of the threat posed by the vulnerability, the impact if it is exploited, a verified solution, and in some cases test results returned by the scanner.



Retrieve remediation tickets that have been updated since July 1, 2018 at 1:00:00 AM (UTC/GMT) and that have any state (Open, Resolved, or Closed)

API request


Retrieve certain remediation tickets with vulnerability details

API request,002738,002740&vuln_details=1



<platform API server>/remediation_tickets.dtd