/api/2.0/fo/subscription/option_profile/?action=import
[POST]
Import all option profiles defined in input XML file to the user's account. Manager role is required.
When calling the Import Option Profile API the user needs to pass the proper XML with Content-Type XML. This will create option profiles in that user’s subscription. All validations are applied as in the Qualys portal UI while creating option profiles using the API.
Validations and Constraints:
1) The Option Profile DTD file is used to validate a generated/exported Option Profile XML file.
2) An XSD file is used to validate a proper format and required elements of the option profile XML file when importing this file.
3) While importing, any Search Lists defined for Vulnerability Detection, Custom and/or Excluded Lists, must be created in the user’s subscription before making an Import Option Profile call. At import time we try to match the Search List “title” to a search list title in the user’s subscription. If a match is found the search list is used, otherwise “Complete” Vulnerability Detection is assigned.
4) Password Brute Force Lists are not imported and will always be empty assigned, regardless of Option Profile XML content.
5) Policies defined for the PC Scan Restriction feature are not imported and will be empty assigned, regardless of Option Profile XML content.
Parameter |
Description |
action=import |
(Required) |
echo_request={0|1} |
(Optional) Specify 1 to view (echo) input parameters in the XML output. By default these are not included. |
where the file “Export_OP.xml” contains the request POST data
API request
curl -u "USERNAME:PASSWORD" -H "X-Requested-With:curl" -H "content-type: text/xml" -X POST --data-binary @Export_OP.xml "https://qualysapi.qualys.com/api/2.0/fo/subscription/option_profile/?action=import"
Request POST data
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE OPTION_PROFILES SYSTEM "https://qualysapi.qualys.com/api/2.0/fo/subscription/option_profile/option_profile_info.dtd">
<OPTION_PROFILES>
<OPTION_PROFILE>
<BASIC_INFO>
<ID>11123</ID>
<GROUP_NAME><![CDATA[OP-SCAN]]></GROUP_NAME>
<GROUP_TYPE>user</GROUP_TYPE>
<USER_ID><![CDATA[John Doe (john_doe)]]></USER_ID>
<UNIT_ID>0</UNIT_ID>
<SUBSCRIPTION_ID>76084</SUBSCRIPTION_ID>
<IS_DEFAULT>0</IS_DEFAULT>
<IS_GLOBAL>1</IS_GLOBAL>
<IS_OFFLINE_SYNCABLE>0</IS_OFFLINE_SYNCABLE>
<UPDATE_DATE>N/A</UPDATE_DATE>
</BASIC_INFO>
<SCAN>
<PORTS>
<TCP_PORTS>
<TCP_PORTS_TYPE>full</TCP_PORTS_TYPE>
<THREE_WAY_HANDSHAKE>1</THREE_WAY_HANDSHAKE>
</TCP_PORTS>
<UDP_PORTS>
<UDP_PORTS_TYPE>none</UDP_PORTS_TYPE>
<UDP_PORTS_ADDITIONAL>
<HAS_ADDITIONAL>1</HAS_ADDITIONAL>
<ADDITIONAL_PORTS>1-1024,8080,8181</ADDITIONAL_PORTS>
</UDP_PORTS_ADDITIONAL>
</UDP_PORTS>
<AUTHORITATIVE_OPTION>1</AUTHORITATIVE_OPTION>
</PORTS>
<SCAN_DEAD_HOSTS>1</SCAN_DEAD_HOSTS>
<CLOSE_VULNERABILITIES>
<HAS_CLOSE_VULNERABILITIES>1</HAS_CLOSE_VULNERABILITIES>
<HOST_NOT_FOUND_ALIVE>7</HOST_NOT_FOUND_ALIVE>
</CLOSE_VULNERABILITIES>
<PURGE_OLD_HOST_OS_CHANGED>1</PURGE_OLD_HOST_OS_CHANGED>
<PERFORMANCE>
<PARALLEL_SCALING>1</PARALLEL_SCALING>
<OVERALL_PERFORMANCE>Custom</OVERALL_PERFORMANCE>
<HOSTS_TO_SCAN>
<EXTERNAL_SCANNERS>30</EXTERNAL_SCANNERS>
<SCANNER_APPLIANCES>48</SCANNER_APPLIANCES>
</HOSTS_TO_SCAN>
<PROCESSES_TO_RUN>
<TOTAL_PROCESSES>18</TOTAL_PROCESSES>
<HTTP_PROCESSES>18</HTTP_PROCESSES>
</PROCESSES_TO_RUN>
<PACKET_DELAY>Maximum</PACKET_DELAY>
<PORT_SCANNING_AND_HOST_DISCOVERY>Minimum</PORT_SCANNING_AND_HOST_DISCOVERY>
</PERFORMANCE>
<LOAD_BALANCER_DETECTION>1</LOAD_BALANCER_DETECTION>
<PASSWORD_BRUTE_FORCING>
<SYSTEM>
<HAS_SYSTEM>1</HAS_SYSTEM>
<SYSTEM_LEVEL>Standard</SYSTEM_LEVEL>
</SYSTEM>
<CUSTOM_LIST>
<CUSTOM>
<ID>3001</ID>
<TITLE><![CDATA[123]]></TITLE>
<TYPE>FTP</TYPE>
<LOGIN_PASSWORD><![CDATA[L:temp,P:123123123]]></LOGIN_PASSWORD>
</CUSTOM>
</CUSTOM_LIST>
</PASSWORD_BRUTE_FORCING>
<VULNERABILITY_DETECTION>
<CUSTOM_LIST>
<CUSTOM>
<ID>2094</ID>
<TITLE><![CDATA[Option Profile: Qualys Top 20 Options]]></TITLE>
</CUSTOM>
<CUSTOM>
<ID>2095</ID>
<TITLE><![CDATA[Option Profile: 2008 SANS20 Options]]></TITLE>
</CUSTOM>
<CUSTOM>
<ID>2096</ID>
<TITLE><![CDATA[Scan Report Template: High Severity Report]]></TITLE>
</CUSTOM>
<CUSTOM>
<ID>5230</ID>
<TITLE><![CDATA[118960]]></TITLE>
</CUSTOM>
<CUSTOM>
<ID>87936</ID>
<TITLE><![CDATA[Bash Shellshock Detection]]></TITLE>
</CUSTOM>
<CUSTOM>
<ID>87937</ID>
<TITLE><![CDATA[Heartbleed Detection]]></TITLE>
</CUSTOM>
<CUSTOM>
<ID>87938</ID>
<TITLE><![CDATA[Windows Authentication Results v.1]]></TITLE>
</CUSTOM>
<CUSTOM>
<ID>87939</ID>
<TITLE><![CDATA[Unix Authentication Results v.1]]></TITLE>
</CUSTOM>
<CUSTOM>
<ID>87940</ID>
<TITLE><![CDATA[Inventory Results v.1]]></TITLE>
</CUSTOM>
<CUSTOM>
<ID>87941</ID>
<TITLE><![CDATA[SSL Certificates]]></TITLE>
</CUSTOM>
</CUSTOM_LIST>
<DETECTION_INCLUDE>
<BASIC_HOST_INFO_CHECKS>1</BASIC_HOST_INFO_CHECKS>
<OVAL_CHECKS>1</OVAL_CHECKS>
</DETECTION_INCLUDE>
<DETECTION_EXCLUDE>
<CUSTOM_LIST>
<CUSTOM>
<ID>2099</ID>
<TITLE><![CDATA[DL]]></TITLE>
</CUSTOM>
</CUSTOM_LIST>
</DETECTION_EXCLUDE>
</VULNERABILITY_DETECTION>
<AUTHENTICATION><![CDATA[Windows,Unix,Oracle,Oracle Listener,SNMP,VMware,DB2,HTTP,MySQL]]></AUTHENTICATION>
<AUTHENTICATION_LEAST_PRIVILEGE><![CDATA[Unix]]></AUTHENTICATION_LEAST_PRIVILEGE>
<ADDL_CERT_DETECTION>1</ADDL_CERT_DETECTION>
<DISSOLVABLE_AGENT>
<DISSOLVABLE_AGENT_ENABLE>1</DISSOLVABLE_AGENT_ENABLE>
<WINDOWS_SHARE_ENUMERATION_ENABLE>1</WINDOWS_SHARE_ENUMERATION_ENABLE>
</DISSOLVABLE_AGENT>
<LITE_OS_SCAN>1</LITE_OS_SCAN>
<CUSTOM_HTTP_HEADER>
<VALUE>AFCD</VALUE>
</CUSTOM_HTTP_HEADER>
<FILE_INTEGRITY_MONITORING>
<AUTO_UPDATE_EXPECTED_VALUE>1</AUTO_UPDATE_EXPECTED_VALUE>
</FILE_INTEGRITY_MONITORING>
<DO_NOT_OVERWRITE_OS>1</DO_NOT_OVERWRITE_OS>
<SYSTEM_AUTH_RECORD>
<INCLUDE_SYSTEM_AUTH>
<ON_DUPLICATE_USE_SYSTEM_AUTH>1</ON_DUPLICATE_USE_SYSTEM_AUTH>
</INCLUDE_SYSTEM_AUTH>
</SYSTEM_AUTH_RECORD>
</SCAN>
<MAP>
<BASIC_INFO_GATHERING_ON>netblockonly</BASIC_INFO_GATHERING_ON>
<TCP_PORTS>
<TCP_PORTS_STANDARD_SCAN>1</TCP_PORTS_STANDARD_SCAN>
<TCP_PORTS_ADDITIONAL>
<HAS_ADDITIONAL>1</HAS_ADDITIONAL>
<ADDITIONAL_PORTS>1,2,3,80</ADDITIONAL_PORTS>
</TCP_PORTS_ADDITIONAL>
</TCP_PORTS>
<UDP_PORTS>
<UDP_PORTS_STANDARD_SCAN>1</UDP_PORTS_STANDARD_SCAN>
<UDP_PORTS_ADDITIONAL>
<HAS_ADDITIONAL>1</HAS_ADDITIONAL>
<ADDITIONAL_PORTS>4,5,6,8181</ADDITIONAL_PORTS>
</UDP_PORTS_ADDITIONAL>
</UDP_PORTS>
<MAP_OPTIONS>
<PERFORM_LIVE_HOST_SWEEP>1</PERFORM_LIVE_HOST_SWEEP>
<DISABLE_DNS_TRAFFIC>1</DISABLE_DNS_TRAFFIC>
</MAP_OPTIONS>
<MAP_PERFORMANCE>
<OVERALL_PERFORMANCE>Custom</OVERALL_PERFORMANCE>
<MAP_PARALLEL>
<EXTERNAL_SCANNERS>16</EXTERNAL_SCANNERS>
<SCANNER_APPLIANCES>14</SCANNER_APPLIANCES>
<NETBLOCK_SIZE>64</NETBLOCK_SIZE>
</MAP_PARALLEL>
<PACKET_DELAY>Medium</PACKET_DELAY>
</MAP_PERFORMANCE>
<MAP_AUTHENTICATION>VMware</MAP_AUTHENTICATION>
</MAP>
<ADDITIONAL>
<HOST_DISCOVERY>
<TCP_PORTS>
<STANDARD_SCAN>1</STANDARD_SCAN>
<TCP_ADDITIONAL>
<HAS_ADDITIONAL>1</HAS_ADDITIONAL>
<ADDITIONAL_PORTS>1-6,1024</ADDITIONAL_PORTS>
</TCP_ADDITIONAL>
</TCP_PORTS>
<UDP_PORTS>
<STANDARD_SCAN>1</STANDARD_SCAN>
</UDP_PORTS>
<ICMP>1</ICMP>
</HOST_DISCOVERY>
<BLOCK_RESOURCES>
<WATCHGUARD_DEFAULT_BLOCKED_PORTS>1</WATCHGUARD_DEFAULT_BLOCKED_PORTS>
<ALL_REGISTERED_IPS>1</ALL_REGISTERED_IPS>
</BLOCK_RESOURCES>
<PACKET_OPTIONS>
<IGNORE_FIREWALL_GENERATED_TCP_RST>1</IGNORE_FIREWALL_GENERATED_TCP_RST>
<IGNORE_ALL_TCP_RST>1</IGNORE_ALL_TCP_RST>
<IGNORE_FIREWALL_GENERATED_TCP_SYN_ACK>1</IGNORE_FIREWALL_GENERATED_TCP_SYN_ACK>
<NOT_SEND_TCP_ACK_OR_SYN_ACK_DURING_HOST_DISCOVERY>1</NOT_SEND_TCP_ACK_OR_SYN_ACK_DURING_HOST_DISCOVERY>
</PACKET_OPTIONS>
</ADDITIONAL>
</OPTION_PROFILE>
</OPTION_PROFILES>
XML output
<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE SIMPLE_RETURN SYSTEM "https://qualysapi.qualys.com/api/2.0/simple_return.dtd">
<SIMPLE_RETURN>
<RESPONSE>
<DATETIME>2017-04-03T11:17:43Z</DATETIME>
<TEXT>Successfully imported Option profile for the subscription Id 76084</TEXT>
<ITEM_LIST>
<ITEM>
<KEY>111234</KEY>
<VALUE>PCI-John</VALUE>
</ITEM>
</ITEM_LIST>
</RESPONSE>
</SIMPLE_RETURN>
<platform API server>/api/2.0/fo/subscription/option_profile/option_profile_info.dtd
<platform API server>/api/2.0/simple_return.dtd