for launching scans
Scan parameters are below. These same parameters are used for launching scans (VM, PC, EC2).
See also: Scan schedule parameters
Parameter |
Description |
action=launch |
(Required) |
echo_request={0|1} |
(Optional) Specify 1 to view (echo) input parameters in the XML output. By default these are not included. |
scan_title={value} |
(Optional) The scan title. This can be a maximum of 2000 characters (ascii). |
target_from={assets|tags} |
(Optional) Specify "assets" (the default) when your scan target will include IP addresses/ranges and/or asset groups. Specify "tags" when your scan target will include asset tags. |
ip={value} |
Optional) The IP addresses to be scanned. You may enter individual IP addresses and/or ranges. Multiple entries are comma separated. One of these parameters is required: ip,asset_groups or asset_group_ids.ip is valid only when target_from=assets is specified. |
asset_groups={value} |
(Optional) The titles of asset groups containing the hosts to be scanned. Multiple titles are comma separated. One of these parameters is required: ip, asset_groups or asset_group_ids, asset_groups is valid only when target_from=assets is specified. These parameters are mutually exclusive and cannot bespecified in the same request: asset_groups and asset_group_ids. |
asset_group_ids={value} |
(Optional) The IDs of asset groups containing the hosts to be scanned. Multiple IDs are comma separated. One of these parameters is required: ip, asset_groups or asset_group_ids. asset_group_ids is valid only when target_from=assets is specified. These parameters are mutually exclusive and cannot be specified in the same request: asset_groups and asset_group_ids. |
exclude_ip_per_scan={value} |
(Optional) The IP addresses to be excluded from the scan when the scan target is specified as IP addresses (not asset tags). You may enter individual IP addresses and/or ranges. Multiple entries are comma separated. exclude_ip_per_scan is valid only when target_from=assets is specified. |
tag_include_selector={all|any} |
(Optional) Select "any" (the default) to include hosts that match at least one of the selected tags. Select "all" to include hosts that match all of the selected tags. tag_include_selector is valid only when target_from=tags isspecified. |
tag_exclude_selector={all|any} |
(Optional) Select "any" (the default) to exclude hosts that match at least one of the selected tags. Select "all" to exclude hosts that match all of the selected tags. tag_exclude_selector is valid only when target_from=tags isspecified. |
tag_set_by={id|name} |
(Optional) Specify "id" (the default) to select a tag set by providing tag IDs. Specify "name" to select a tag set by providing tag names. tag_set_by is valid only when target_from=tags is specified. |
tag_set_include={value} |
(Optional) Specify a tag set to include. Hosts that match these tags will be included. You identify the tag set by providing tag name or IDs. Multiple entries are comma separated. tag_set_include is valid only when target_from=tags is specified. |
tag_set_exclude={value} |
(Optional) Specify a tag set to exclude. Hosts that match these tags will be excluded. You identify the tag set by providing tag name or IDs. Multiple entries are comma separated. tag_set_exclude is valid only when target_from=tags is specified. |
use_ip_nt_range_tags_include={0|1} |
(Optional) Specify “0” (the default) to select from all tags (tags with any tag rule). Specify “1” to scan all IP addresses defined in tag selection. When this is specified, only tags with the dynamic IP address rule called “IP address in Network Range(s)” can be selected. use_ip_nt_range_tags_include is valid only when target_from=tags is specified. |
use_ip_nt_range_tags_exclude={0|1} |
(Optional) Specify “0” (the default) to select from all tags (tags with any tag rule). Specify “1” to exclude all IP addresses defined in tag selection. When this is specified, only tags with the dynamic IP address rule called “IP address in Network Range(s)” can be selected. use_ip_nt_range_tags_exclude is valid only when target_from=tags is specified. |
use_ip_nt_range_tags={0|1} |
(Optional) Specify 0 (the default) to select from all tags (tags with any tag rule). Specify 1 to scan all IP addresses defined in tags. When this is specified, only tags with the dynamic IP address rule called "IP address in Network Range(s)" can be selected. This parameter has been replaced by use_ip_nt_range_tags_include and use_ip_nt_range_tags_exclude parameters. The use_ip_nt_range_tag parameter is still supported. use_ip_nt_range_tags is valid only when target_from=tags is specified. |
iscanner_id={value} |
(Optional) The IDs of the scanner appliances to be used. Multiple entries are comma separated. For an Express Lite user, Internal Scanning must be enabled in the user's account. One of these parameters must also be specified in a request: iscanner_name, iscanner_id, default_scanner, scanners_in_ag, scanners_in_tagset. When none of these are specified, External scanners are used. These parameters are mutually exclusive and cannot be specified in the same request: iscanner_id and iscanner_name. |
iscanner_name={value} |
(Optional) The friendly names of the scanner appliances to be used or "External" for external scanners. Multiple entries are comma separated. For an Express Lite user, Internal Scanning must be enabled in the user's account. One of these parameters must be specified in a request for an internal scan: iscanner_name, iscanner_id, default_scanner, scanners_in_ag, scanners_in_tagset. When none of these are specified, External scanners are used. These parameters are mutually exclusive and cannot be specified in the same request: iscanner_id and iscanner_name. |
default_scanner={0|1} |
(Optional) Specify 1 to use the default scanner in each target asset group. For an Express Lite user, Internal Scanning must be enabled in the user's account. One of these parameters must be specified in a request for an internal scan: iscanner_name, iscanner_id, default_scanner, scanners_in_ag, scanners_in_tagset. When none of these are specified, External scanners are used. default_scanner is valid when the scan target is specified using one of these parameters: asset_groups, asset_group_ids. |
scanners_in_ag={0|1} |
groups scanner appliances. Appliances in each asset group are tasked with scanning the IPs in the group. By default up to 5 appliances per group will be used and this can be configured for your account (please contact your Account Manager or Support). For an Express Lite user, Internal Scanning must be enabled in the user's account. One of these parameters must be specified in a request for an internal scan: iscanner_name, iscanner_id, default_scanner, scanners_in_ag, scanners_in_tagset. When none of these are specified, External scanners are used. scanners_in_ag is valid when the scan target is specified using one of these parameters: asset_groups, asset_group_ids. |
scanners_in_tagset={0|1} |
(Optional) Specify 1 to distribute the scan to scanner appliances that match the asset tags specified for the scan target. One of these parameters must be specified in a request for an internal scan: iscanner_name, iscanner_id, default_scanner, scanners_in_ag, scanners_in_tagset. When none of these are specified, External scanners are used. scanners_in_tagset is valid when the target_from=tags is specified. |
scanners_in_network={value} |
(Optional) Specify 1 to distribute the scan to all scanner appliances in the network. |
option_title={value} |
(Optional) The title of the option profile to be used. One of these parameters must be specified in a request: option_title or option_id. These are mutually exclusive and cannot be specified in the same request. |
option_id={value} |
(Optional) The ID of the option profile to be used. One of these parameters must be specified in a request: option_title or option_id. These are mutually exclusive and cannot be specified in the same request. |
priority={value} |
(Optional for VM scans only) Specify a value of 0 - 9 to set a processing priority level for the scan. When not specified, a value of 0 (no priority) is used. Valid values are: 0 = No Priority (the default) 1 = Emergency 2 = Ultimate 3 = Critical 4 = Major 5 = High 6 = Standard 7 = Medium 8 = Minor 9 = Low |
connector_name={value} |
(Required for EC2 scan) The name of the EC2 connector for the AWS integration you want to run the scan on. |
ec2_endpoint={value} |
(Required for EC2 scan) The EC2 region code or the ID of the Virtual Private Cloud (VPC) zone. Need help finding the region code? Review Amazon EC2 AWS Regions and Availability Zones |
ec2_instance_ids={value} |
The ID of the EC2 instance on which you want to launch the VM or compliance scan. Multiple ec2 instance ids are comma separated. You can add up to maximum 10 instance Ids. |
ip_network_id={value} |
(Optional and valid only when the Network Support feature is enabled for the user's account)The ID of a network used to filter the IPs/ranges specified in the "ip" parameter. Set to a custom network ID (note this does not filter IPs/ranges specified in parameters asset_groups or asset_group_ids). Or set to "0" (the default) for the Global Default Network - this is used to scan hosts outside of your custom networks. |
runtime_http_header={value} |
(Optional) Set a custom value in order to drop defenses (such as logging, IPs, etc) when an authorized scan is being run. The value you enter will be used in the "Qualys-Scan:" header that will be set for many CGI and web application fingerprinting checks. Some discovery and web server fingerprinting checks will not use this header. |
scan_type=certview |
(Optional) Launch a CertView type scan. This option will be supported when CertView GA is released and enabled for your account. |
fqdn={value} |
(Optional) The target FQDN for a vulnerability scan. You must specify at least one target i.e. IPs, asset groups or FQDNs. Multiple values are comma separated. - DNS Tracking must be enabled for the subscription. A Manager user can enable this feature in the Qualys UI by going to Scans > Setup > DNS Tracking and checking the “Enable DNS Tracking for hosts” option. - You can specify FQDNs in combination with IPs and asset groups but not with asset tags. |
client_id={value} |
(Optional) Id assigned to the client (Consultant type subscription only). Parameter client_id or client_name may be specified for the same request. |
client_name={value} |
(Optional) Name of the client (Consultant type subscriptions only). Parameter client_id or client_name may be specified for the same request. |
include_agent_targets={0|1} |
(Optional) Specify 1 when your scan target includes agent hosts. This lets you scan private IPs where agents are installed when these IPs are not in your VM/PC license. Supported capabilities - This parameter is supported for internal scans using scanner appliance(s). This option is not supported for scans using External scanners. - This parameter is supported when launching on demand scans only. It is not supported for scheduled scans. Parameter iscanner_id or iscanner_name must be specified in the same request. |