Qualys Vulnerability Scanner
What is Discovered and Monitored
Protocol |
Metrics collected |
Used for |
---|---|---|
Qualys API |
Scan name, Scanned Host Name, Host OS, Vulnerability category, Vulnerability name, Vulnerability severity, Vulerability CVE Id and Bugtraq Id, Vulnerability Consequence |
Security Monitoring |
Event Types
In ADMIN > Device Support > Event, search for "qualys" in the Device Type column to see the event types associated with this device.
Rules
There are no predefined rules for this device.
Reports
In RESOURCE > Reports , search for "qualys" in the Description column to see the reports associated with this device.
Configuration
Qualys API
Create a user name and password that FortiSIEM can use as access credentials for the API.
You can configure FortiSIEM to communicate with your device, and then initiate discovery of the device. . For more information, refer to sections "Discovery Settings" and "Setting Credentials" in the User Guide.
Settings for Access Credentials
Use Host Name for IP Range in Access Credentials
Enter the host name for your Qualys service rather than an IP address when associating your access credentials to an IP range.
Settings for Qualys Vulnerability Scanner API Access Credentials
Set these Access Method Definition values to allow FortiSIEM to communicate with your device.
Setting | Value |
---|---|
Name | qualys |
Device Type | Qualys QualysGuard Scanner |
Access Protocol | Qualys API |
Pull Interval (minutes) | 5 |
Port | 443 |
User Name | A user who has access to the vulnerability scanner over the API |
Password | The password associated with the user |