AnsweredAssumed Answered

How to detect qualys' probing packets in application logs?

Question asked by ptrsaldanha on Feb 16, 2014
Latest reply on Feb 16, 2014 by djprakash



Is there a way to identify the qualys probing packets in the logs, apart from source IP address? Our application support team wants to know if there is any http header / user-agent that we could use to filter qualys traffic. We use qualysguard VM tool for our monthly vulnerability scans.


Due to the heaving flooding of qualys probe packtes, the useful information related to application performance, load, etc., go unnoticed and also the team is finding it very hard to filter the qualys packets based on source IP address.


Appreciate a quick response.



Peter P. Saldanha