• Products
  • Get started
  • Documentation
  • Resources

Data Manager - Qualys Adapter

Assets Data Manager for Jira Service Management Cloud is currently rolling out in Open Beta and will be available to all Premium + Enterprise sites by end of October 2024.

Introduction

Qualys is a tool produced by Qualys a company of the same name. It is used to detect network vulnerabilities across an environment.

Qualys Adapter uses an API connection to bring data into Assets Data Manager.

Before you start setting up

This task requires Data Manager Adapters admin permissions to complete. See how permissions and roles work in Data Manager.

 

Ensure that the Qualys source is API enabled with relevant firewall rules established. Also ensure that the credentials to access the source are available.

It is also important to note that the Qualys API works in 3 different ways -

  1. Host Assets (Direct Import to SQL) - this is a canned query using the HostAsset call that will return a set list of fields, loading them directly into Data Manager.

  2. Report (Save to CSV) - this uses a report saved in Qualys with whatever fields you want to consume, and then loads the file from a CSV file into Data Manager.  This allows the CSV file to be modified, if required, prior to loading into Data Manager.

  3. Report (Direct Import to SQL) - this is where a report is written in Qualys with the desired fields.  However, this will load the data from that report directly into the Data Manager without the manipulation option.

When using Option 2 or 3, the API URL and the Token ID must be entered prior to trying to select the Report ID.  They are required for Assets Data Manager to collect the reports.

How do I connect this tool to Assets Data Manager?

Follow this procedure to connect this tool to Assets Data Manager using the custom-built Adapter:

  1. Gather all of the information listed in the Data Manager Fields section, such as the Name, Object class, Data Source Name, and Data Source Type.

  2. Gather all of the information in the Qualys Fields section - this may require consultation with the subject matter expert (SME) for Qualys.

  3. Within Data Manager:

    1. Create a new job by selecting the Adaptor that matches your tool.

    2. Configure all of the required fields with the appropriate information.

  4. Within Qualys:

    1. Follow all of the steps listed in the Authentication and authorization section, below, to properly configure Authentication and authorization.

    2. Review the information in the API Call section. This section only applies when Host Assets (Direct Import to SQL) is selected.

    3. Review the information in the Fields Retrieved section, below.

Each time this job is run, the data your have selected will be brought into Data Manager using the configured Adapter and become raw data.

Data Manager Fields

You will need to specify the following information from Assets Data Manager:

  1. Name - the name of the connection, visible as the job name in Adapters.

  2. Object Class - the name of the Object Class you want to the data to be loaded into.

  3. Data Source Name - the type of data being created; which is usually the tool name, e.g AD, Qualys etc. Note: This can be the same as Name.

  4. Data Source Type - what type of data is the tool providing? For example, Assets, CMDB, user location and more.

Qualys Fields

You will need to specify the following information from Qualys:

  1. API URL - The Qualys instance URL to enable Data Manager to connect to the Qualys source.

  2. Username and Password - User name and password to generate the API Access Token.

  3. API Access Token - Encoded base-64 string used in authorization of Qualys API access. This token is generated upon populating the username and the password fields and clicking on the GENERATE button.

  4. Action Type - There are 3 types of actions in Qualys

    • Host Assets (Direct Import to SQL) - no additional fields are required

    • Report (Save to CSV) - the Qualys report number and the location of the CSV file (file path) to load will be required.

    • Report (Direct Import to SQL) - the Qualys report number will be required.

  5. API Timeout - Maximum time in minutes for the completion of report generation process.

  6. Api limit - Maximum number of records to return. This allows the enforcement of the amount of request/quantity of data (or records) to be consumed by the Data Manager Adapters.

By default, the API limit is set to 0 meaning that there are no restrictions, however if connecting to a Qualys source that is heavily populated with data, the best practice is to limit the rate to 1000. 

API Call

The API call for Qualys when Host Assets (Direct Import to SQL) is selected : POST ApiUrl/qps/rest/2.0/search/am/hostasset.

Fields Retrieved for Host Assets

If the fields returned are incorrect or you’ve not selected Host Assets (Direct Import to SQL) option, speak to your Qualys SME and arrange for the source report in Qualys to be corrected.

The following fields are retrieved:

1 2 3 4 5 6 7 8 9 10 Id Name Type Os Created LastVulnScan LastCheckedIn Address Fqdn TrackingMethod

 

Still need help?

The Atlassian Community is here for you.