You can launch a SCAP scan report in Asset Reporting Format (ARF) using our API, a requirement in the SCAP 1.2 specifications from NIST.
Tell me about user permissions
Users have permission to run this API function when the SCAP module is enabled for the user's subscription. Sub-accounts (Unit Managers, Scanners and Readers) must have the "Manage compliance" permission.
Use the SCAP ARF Report API v2 (the resource /api/2.0/fo/compliance/scap/arf/). You'll need to provide the scan ID for a finished SCAP scan (use the "id" input parameter). You can limit the report to certain IP addresses only (use the optional "ips" parameter). Do you have the Networks feature turned on? If yes and you specify "ips" you can limit the report to a specific network (use the optional "ips_network_id" parameter).
How do I find the SCAP scan ID?
You'll see the scan ID when viewing SCAP scan results in the user interface. In the scan results window's title bar you'll see the report URL with its ID number in the "id" parameter, like this:
Here's a sample API request:
curl -u "USERNAME:PASSWORD"
-H "X-Requested-With: Curl" -X POST -d
Tell me about the Cloud Platform URL
https://qualysapi.qualys.com is the API server URL for US Platform 1. If your account is located on one of our other cloud platforms then you'll want to replace this base URL with the one that is appropriate for your location.
For example, for US Platform 2, use https://qualysapi.qg2.apps.qualys.com.
For the EU Platform, use https://qualysapi.qualys.eu. If you have a Private Cloud Platform, use a custom URL like https://qualysapi.<customer_base_url>.
The XML output is compliant with the ARF 1.1 Schema. Show me this Schema
Refer to the Qualys API User Guide for a better understanding of API conventions and detailed instructions on using API functions. Get the latest information from our Community.
From the Community
Qualys API (VM, PC) User Guide