Every completed scan has a scan results report with the raw, unfiltered results.
Go to VM/VMDR > Scans, identify the scan you're interested in and select View from the Quick Actions menu.
By selecting Download from the Quick Actions menu you can save a copy locally in one of many formats.
Scan results in XML: Qualys API (VM, PC) User Guide
Yes. Choose View from the Quick Actions menu for your running scan. The scan status appears and partial results are available in an HTML report for the IPs that have been scanned. You can look at the results but you can't run reports on the data until the scan is finished and the results have been processed.
You'll see the average security risk score for all active hosts in the scan results report in the Summary of Vulnerabilities section. The average security risk is calculated as the sum of the security risk scores for all active hosts divided by the number of active hosts. (This calculation method applies to the averages security risk in scan results.)
What is the security risk for each active host?
You'll see each scanned host identified by IP address with additional information (if collected during the scan):
IP address (DNS hostname, NetBIOS hostname) Operating System
For each host, you'll see the detected vulnerabilities by severity level - confirmed vulnerabilities, potential vulnerabilities and information gathered. Tell me about severity levels. Disabled vulnerabilities will appear grayed out.
You'll see a list of hosts that were scanned and not scanned in the Appendix section of your scan results. A host may not be scanned for a variety of reasons.
Show me reasons a host may not be scanned
Hosts that fail authentication appear in the Appendix section of your results. We recommend you run the Authentication Report to get information to help you with troubleshooting the issue before you launch new scans. Go to Reports > Reports and choose New > Authentication Report.
The Operating Systems Detected graph will be empty if your scan did not include "Operating System Detected" vulnerability (QID 45017). The Services Detected graph will be empty if your scan did not include "Open TCP Services List" (QID 82023) and "Open UDP Services List" (QID 82004). Check the option profile you selected for the scan to be sure these QIDs are selected.
Large reports are divided into segments of IPs to make the results more manageable. Use the View menu to see the available segments, and then select a segment and click Go to see the results for that segment.
Tip: Create a scan report with fewer hosts using a report template that filters the output by asset groups or tags. This will make your scan results more manageable for reviewing and sharing with others. You can do this by going to VM/VMDR > Reports > Templates. There are several templates you can choose from (we recommend the Technical Report or the High Severity Report to begin) and you can change the template to select asset group or tags.
For authenticated scans it's important to verify that authentication was successful. It is recommended that you resolve authentication failures before the next scan. Learn more
We store saved scan results separate from host scan data (also called Automatic data). Host scan data is the normalized data collected from your scan results and this is updated as new scans are completed and scan results are processed. Host scan data provides the most up-to-date information and current security status for each host. This appears throughout the user interface and in Automatic vulnerability scan reports. Learn more