I know how to run the report to view which vulnerabilities are ignored, but where can I find the comments that were entered when that vuln was ignored?
When a vulnerability is ignored, a ticket is created in the Remediation workflow which is set to Closed/Ignored. You can see all updates on those tickets from the Remediation section of the VM module.
Our ticketing system has been lacking so I apologize, but I am not finding it. We have about 1k tickets showing and when I go to filter by Closed/Ignored tickets there are no results.
If QIDs have been disabled in the KnowledgeBase, this would explain why you're not seeing them in the Remediation Tickets page. If you reach out to your TAM they may be able to assist you in finding the information you're looking for. If you are based in the UK, they may also be able to get some of my time to help.
I will reach out to our TAM as I am in the US, thanks for the info.
If there are comments on why it was ignored, I believe that information can be pulled out of the API. If a vulnerability is suppressed, then in the ticket history it should show the remediation policy rule name that suppressed it and when it suppressed the vulnerability.
If you are leveraging a Qualys Remediation Policy to Close/Ignore tickets, my suggestion would to be review the content of the remediation policy:
You will find additional information for extracting the comments via API in this post Can I export comments in Remediation Tickets and/or add Comments in reports?
Retrieving data ...