AnsweredAssumed Answered

When are scan data available for report generation ?

Question asked by Andrea Cuozzo on May 6, 2020
Latest reply on May 6, 2020 by Andrea Cuozzo

Hi,

 

we're developing an automated virtual machine creation procedure, one of the final quality control test is a powershell script that triggers a Qualys security scan of the newly generated vm, parses the report for vulnerabilities and downloads the technical report. The script works fine, but sometimes the report generated is blank, even though the scan result has the approriate data. The report says:

 

"No data is displayed due to one or more of these reasons:
- There was no data found for this host.
- This host was never scanned.
- The data for this host was purged.
- One or more hosts are in the Excluded Hosts list.
- Hosts were scanned but no open port was found."

 

By trial and error we're now making the script wait 15 minutes between the scan completion and the report generation, and this way the reports are correct, but I'm wondering if there is a Qualys condition to test that allows us to be sure it's the right time to generate the report without resorting to just sleep the script for an arbitrary amount of time.

 

Here's the psedo-code of the script:

 

  • gets newly generated vm ip address and adds it to the host assets
  • adds the ip address to a Windows authentication record (VMs are Windows servers in workgroup)
  • launches a scan on the ip address and waits for the scan to complete using the following test:

 

SCAN_LIST_OUTPUT.RESPONSE.SCAN_LIST.SCAN.STATUS.STATE   -eq  'finished'

 

  • parses the scan result for vulnerabilities

 

At this stage of the script we already have the data we need, but we couldn't find an api call to just download the scan results, what can be done via this gui menu:

 


insted, we proceed to wait an arbitrary amount of time and then generate a report

  • waits for 15 minutes
  • launches the report and waits for the report to complete using the following test:

 

REPORT_LIST_OUTPUT.RESPONSE.REPORT_LIST.REPORT.STATUS.STATE    -eq   'finished'

  • downloads the report

 

Is there a Qualys condition to test, something like "scan data is now available for report generation", instead of just sleeping the script ?

 

Thanks,

 

Andrea

Outcomes