Agentless Tracking - How to enable, cleanup and re-enable?

Document created by Shyam Raj Employee on Jul 18, 2018
Version 1Show Document
  • View in full screen mode

This document outlines the steps needed to enable, cleanup and re-enable Agentless Tracking.


Agentless tracking is useful in situations where your hosts have changing IP addresses and hostnames. Agentless tracking works by writing a unique Host ID to your asset and using that as a tracking mechanism.


Enabling Agentless Tracking

This feature needs to be enabled by the primary manager of your Qualys subscription. To identify the primary manager, navigate to Users > Users under the Vulnerability Management application.


The primary manager has an asterisk against the name, like below:



To enable Agentless Tracking, navigate to Scans > Setup > Agentless Tracking.


Review and accept the Agentless Tracking agreement.


Using Agentless Tracking

After the feature has been turned on, to use this you'll have to enable it while creating your authentication records.


  • Windows:

  • Unix:

On the next authenticated scan, Qualys will write the Host ID on your asset.



Cleanup Agentless Tracking


If you no longer wish to use Agentless Tracking, you may choose to clean up the Host ID created by Qualys.


Navigate to Scans > Setup > Agentless Tracking, and click on Cleanup.



The information window now shows that Cleanup is enabled.



On the next authenticated scan, Qualys will remove the Host ID from the target machine.


Re-enable Agentless Tracking


When you choose to Cleanup, the Agentless tracking feature continues to remain in the cleanup mode. If you wish to re-enable Agentless Tracking, start by Declining the agreement. This resets the feature.


Now enable it again and relaunch the scan to install the Host ID again.

3 people found this helpful