1. In a browser window, log into your Qualys portal.
2. In the top right of the window, navigate to Help > About
3. Copy the URL which contains the string qualysapi
4. In a new browser window, open Nucleus and browse to Project Administration > Connectors.
5. Under the Scanners section, click the Qualys icon.
6. In the Setup Qualys Connector popup, complete the following fields:
- Name: Enter a short name for the connector to uniquely identify it, such as "Nessus scanner - U.S. East coast"
- Description: Optionally, enter a description for the connector
- Qualys URL: Enter the URL you just copied from the Qualys portal
- Note: When entering the URL, make sure to include https:// at the front or you will get an error
- Note: If on-prem Qualys, enter the URL (including port number) of your Qualys instance.
- Note: If you are using the Nucleus tunnel, please skip the rest of this document and start at the beginning of this resource: Setting up a Connector through the Nucleus Tunnel
- Username: Enter the username you use to login to Qualys
- Password: Enter the password you use to login to Qualys
7. [OPTIONAL] Fill out the following Optional Fields:
- Import Groups: Checking this box will sync asset groups from Qualys into Nucleus automatically and be displayed as asset groups in Nucleus.
- Import Groups From WAS: Checking this box will sync the asset groups from Qualys_WAS assets into Nucleus groups for display in Nucleus Automatically
- Delete Report After Ingest: Checking this box will tell Nucleus to automatically delete the report which was ingested from Qualys in order to reduce report overhead (since Qualys limits report space)
- IMPORTANT NOTE: Only Qualys users with the "Manager" Role have the ability to delete reports which are not their own. In order for this to work correctly you will need to ensure that either:
- A: The service account you are using to access Qualys from Nucleus has the "Manager" role or
- B: The service account you are using to access Qualys from Nucleus has the added permission to delete reports which are not their own
- IMPORTANT NOTE: Only Qualys users with the "Manager" Role have the ability to delete reports which are not their own. In order for this to work correctly you will need to ensure that either:
- Use XML Requests: Checking this box tells Nucleus to import from Qualys using a different Qualys data format, which is going to be deprecated at some point. This allows you to set false positives in Qualys and have that status sync to Nucleus
- NOTE: XML request is a much slower ingest and will not work with large Qualys scans due to their API being unable to serve large XML data.
8. Click the "Save Connection" button and wait for the Success message.
9. Click the "Test Connection" button. You will see a message to notify you that the connection test was successful. Your connector is now set up properly.
- Note: All scan types to which you have access will be populated, including Qualys WAS, Qualys VM, and Qualys Reports.
- Note: To import scans, Navigate to "Scans > Import Scans via Connector" and select this Qualys connector to see your scans you can import
10. Close the popup window.
For Qualys Best Practices, please refer to our Qualys Best Practices Support Document, where we cover topics such as:
- Importing Scans vs Reports
- Utilizing Qualys Agentless Tracking
Comments
0 comments
Please sign in to leave a comment.