Manage Your Scans

How do I stop my scan?

How do I view scan results?

How can I check my scan's progress?

How do I download scan results to my system?

How do I know when the scan is finished?

How long are scan results saved?

When can I run reports on scans?

Can I run my scan again?

Tell me about scan processing

Pay Per Scan account

Where can I get scan status information?

Scanner appliance placement

Tell me about the start date in the Scans preview pane

How to prevent BASH history file from filling up

What is a scan segment?

 

My scan was deleted. Can I still report on the findings?

 


How do I stop my scan?

You have a few options. You can pause the scan (and resume it later) or cancel the scan. Select the scans you want to stop from the scans list and then choose an action from the Actions menu.

Learn more about paused scans

Learn more about canceled scans

How can I check my scan's progress?

Yes, at any time. Choose View from the Quick Actions menu for any running scan. You'll see the IPs that have already been scanned, the IPs currently being scanned and the IPs waiting to be scanned. For a vulnerability scan, you can also access partial results as they become available. Once the scan is finished you'll be able to view and download the full results.

How do I know when the scan is finished?

The scan status will show "Finished". At this time you can select View from the Quick Actions menu to see the full results in an HTML report. If you have notifications turned on you'll get an email. This is especially useful if you logged out of the application or went on to do other things while the scan was running. You can change notification settings in your user profile. Select User Profile below your user name (in the top right corner) and go to the Options section.

When can I run reports on scans?

Scan results must be processed in order for you to see the related scan data in reports and other places in the UI. Check the processing status on the scans list to be sure. You'll see Scan Finished, Results Processed Icon when scan results are processed, and Scan Finished, Results Not Processed Icon when scan results are not processed. Go to Filters > Processing Tasks to see processing tasks and their status.

Tell me about scan processing

Scan processing is triggered automatically by the Qualys Cloud Platform. You might like to know when scan processing is kicked off. This depends on your subscription settings, specifically whether the New Data Security Model (NDSM) is enabled (Users > Security).

- Is New Data Security Model enabled (NDSM)? Scan processing is kicked off as soon as a scan has finished. No login by any user is needed.

- Is NDSM turned off (not enabled)? Scan processing is kicked off as soon as any user in the subscription logs in.

Where can I get scan status information?

Go to your scans list to get status information for all of your scans. The preview pane shows up-to-the-moment scan statistics even as your scan is running.

Tell me about the start date in the Scans preview pane

Each scan will have one or more scan segments. The Start date that appears in the preview pane depends on the status of the current scan segment.

- If the scan is running, it shows the start date as the current segment's start date.

- If the scan is paused or cancelled, is shows the start and end date of the current segment.

- If the scan is finished, it shows start date as the start date of the first segment and end date as that of the last segment.

What is a scan segment?

A scan segment identifies a portion of scanning work that the service has distributed to scanner(s). A scan will have one segment unless it is paused. If a scan is paused and resumed one time, the scan will have two segments. If it is paused and resumed five times it will have six segments.

My scan was deleted. Can I still report on the vulnerability data found by the scan?

Yes. For every scan we save vulnerability data detected by the scan as 1) scan results, and 2) as vulnerability data indexed by host. We use the indexed data to show you the most recent vulnerability data for hosts throughout the UI (on your dashboard, in your asset search, in remediation tickets, etc). If you choose to delete scans from your account you can still create scan reports that include the vulnerability data collected by the deleted scans. Just create a scan report template with Host Based Findings.

How do I view scan results?

Select View from the Quick Actions menu. You'll get an HTML report of the findings.

How do I download scan results to my system?

Select Download from the Quick Actions menu. Several download formats are available.

Tell me about scan results: VM Scan Results | PC Scan Results

Scan results in XML: Qualys API (VM, PC) User Guide PDF Icon

How long are scan results saved?

Scan results are saved in your account for a period of time defined by your storage settings. Go to Scans > Setup > Storage to view the storage settings and update if you want.

Good to know:

Host based findings are NOT deleted

PCI ASV scan results (external IPs with external scanners and PCI Option Profile) are saved for 2 years

Can I run my scan again?

Yes. Identify the scan you want to run again and select Relaunch from the Quick Actions menu. We'll do our best to prefill the scan settings to match the original scan. We may not be able to prefill settings if there were changes in your account like your assets changed or the option profile was renamed. Interested in automated scanning? Go to the Schedules tab and set up a recurring scan schedule for continuous monitoring.

I have a Pay Per Scan account. How do I see the number of scans remaining?

Go to Help > Account Info to see the number of scans available in your account.

How are scans counted?

How do I purchase more scans?

Scanner appliance placement

Follow these best practices recommended by our Support team for scanner appliance placement.

Consult your network group

Avoid scanning through a firewall from the inside out

How to prevent BASH history file from filling up

With Linux authenticated scans your user's BASH history file (bash_history) may get overrun because there are so many lines generated by the scan. To prevent this you can set the following value for HISTIGNORE.

HISTIGNORE=*QUALYS*:*ORIG_PATH*:echo\ *TEST*

What is HISTIGNORE?