Is there a way to identify the qualys probing packets in the logs, apart from source IP address? Our application support team wants to know if there is any http header / user-agent that we could use to filter qualys traffic. We use qualysguard VM tool for our monthly vulnerability scans.
Due to the heaving flooding of qualys probe packtes, the useful information related to application performance, load, etc., go unnoticed and also the team is finding it very hard to filter the qualys packets based on source IP address.
Appreciate a quick response.
Peter P. Saldanha