I would like to be able to get the number of vulnerabilities by severity but I was unable to find anything practical in the API that allows for something like this. Is there a simple way to get the number of vunerabilities by severity?
Hey Austin, are you looking for the complete total number of vulnerabilities? Or are you looking against a specific tag or asset group?
I essentially want to be able to pull down the numbers from the graph shown on the VM Dashboard. But lets go with getting vulnerabilities against an asset group.
I have the same question. Where can I find the api documentation for getting the dashboard numbers?
This is the dashboard:
I looking for the summary numbers (new, active, reopened, last_updated) and the numbers of the vulnerabilities by severity.
I can see the browser making calls to https://qualysguard.qualys.com/fo/home/dash_update.php and https://qualysguard.qualys.com/fo/scan/get_scan_info.php, but I can't find any documentation for these scripts.
I did find this article
which creates a spreadsheet, but that api call (asset/host/vm/detection/?action=list&truncation_limit=0&severities=1,2,3,4,5) takes several minutes to run whereas the dashboard summary information is returned in under a second.
I'm hoping to collect the data and trend it.
under Help/Resources/APIQualysGuard Scripts there is a PERL script called ag_sc that uses the API to calculate these values per AG and provides a number of filtering options usch as date, type and severity.
Let me know if that works for you
Here is a run on of my demo accounts:
$ perl ./ag_sc.pl
John Doe; Sandbox; ; ; ;162; 364; 274; 0; 0; 800; 7; 7
Top IP 5 Report - score; ip
Top 5 Report - count;qid;severity;title;age;average age
00006; 90043;3;SMB Signing Disabled or SMB Signing Not Required;399;333
00005; 90080;3;Administrator Account's Password Does Not Expire;399;392
00005; 90042;3;Enabled DCOM;399;392
00005; 70001;3;NetBIOS Shared Folder List Available;399;320
00005; 118423;3;Hotfix KB2264107 (DLL hijacking) Not Installed / Not Configured;399;392
Retrieving data ...