
Groovy Script to Tag Assets with No Last VM Scan date

Question asked by Michael Fennell on Oct 11, 2019
Latest reply on Oct 18, 2019 by DMFezzaReed

Hi Community

Wondering if anyone can help me with Groovy script code to tag assets that have the following.

- specific asset tag already applied to assets

- no lastvmscandate.

The asset search query I am using is tags.name: `<my tag>` and not lastVmScanDate < now-1s. This is run on an AWS environment to highlight assets which we are failing to pick up with scheduled scans. It seems to be a problem across all our AWS at the moment, with assets showing this "New" status which we are unable to clear because they don't get picked up by the Qualys scanner within the AWS environment. I have a support request open but am trying a few things myself outside of this, as the ticket is moving slowly.

Ideally I would be able to apply an EC2 tag using the following:

connectors.connector.name:`<my connector>` and aws.ec2.instanceState:"RUNNING" and aws.ec2.isQualysScanner:"false" and not lastVmScanDate < now-1s

but Qualys will not allow me to mix VM search functionality with EC2 functions within the tags, but will allow it through the elastic search. Not very helpful, I have to say.

So I am looking to Groovy to try to flag the lastVMScanDate < now-1 second + my asset tags, then I will create another tag for the running instances + not Qualys scanner. This should allow me to run my scans using both tags.

That is the theory anyway.

Just out of interest, is anyone else out there having trouble with AWS / EC2 and these scanning issues?

Regards, Mike.
