We use Qualys Vulnerability Management at work to scan our assets for vulnerabilities. I needed to identify which assets hadn't been scanned in a long time. This could be done through the web interface by going to Assets->Asset Search and searching for assets with a Last Scan Date not within X days. But I needed to work with the results in PowerShell for further automation tasks
The Qualys API is pretty will documented here (version 1) and here (version 2). I'm going to use version 2 of the API as that's the latest supported version at time of writing
I'm also using PowerShell version 4 as that's what I've currently got installed on my workstation & automation server
First, lets setup some variables to hold our Qualys platform name & username/password details
Then we need to do some things to create the appropriate HTTP headers which the API expects, configure the number of hosts we want information back about and eventually use PowerShell's Invoke-WebRequest
to make the API request
At this point, $HttpResponse
is a HtmlWebResponseObject which has a property called Content. This contains the data the Qualys server sent to us following our request
The $HttpResponse.Content
is a string which is difficult to work with. However, as we requested Qualys to return the data in XML format, we should be able to convert the string to an XML object:-
And now we can work with the XML much easier. We can loop round each host and create a PowerShell objects for each host with the scan data, properly formed as we would expect in PowerShell
$HostAssets
now can be worked with in PowerShell for easy sorting/searching
If you find this useful, please let me know via the comments section below
Stuart
EDIT 18/01/2017
The PowerShell code used in this post can be found here
Edit 15/May/2018 Migrated from Blogger