Qualys Total Cloud
Qualys Total Cloud is a cloud security tool that scans your cloud environments for security violations. You can bring cloud resource, host, and violation data from Qualys into Brinqa to gain a unified view of your attack surface, thus strengthening your cybersecurity posture.
This document details the information you must provide for the connector to authenticate with Qualys Total Cloud and how to obtain that information from Qualys. See create a data integration for step-by-step instructions on setting up the integration.
Required connection settings
When setting up a data integration, select Qualys Total Cloud from the Connector drop-down. If you cannot find the connector in the drop-down, make sure that you have installed it first. You must provide the following information to authenticate Qualys Total Cloud with Brinqa:
-
API URL: The Qualys API Server URL. For information on how to determine your Qualys API URL, see Qualys documentation.
-
Username and Password: The username and password associated with the Qualys user, which must have permissions to log in to the API server and return data.
Create a Qualys user
To ensure the user account that the Qualys Total Cloud connector uses to access the Qualys server has the appropriate permissions and retrieve data, follow these steps.
-
Log in to your organization's Qualys server as an administrator.
-
Navigate to Users, and then select the Users tab.
-
Click New and select User. The New User dialog displays.
-
Fill out the general information for the new user.
-
Click User Role on the left menu.
-
From the User Role drop-down, select Reader.
-
Select GUI and API to enable API access, and leave Business Unit Unassigned.
noteGUI access allows the user to log in to the Qualys GUI (graphical user interface). After you create the new Qualys user, log in to the Qualys GUI using the new credentials. The system prompts the user to reset their password. The Qualys connector will not function until you complete the password reset.
-
-
Click Asset Groups.
- From the Add asset groups drop-down, select All or only the asset groups the Qualys user needs access to.
-
Click Permissions and select all of the available permissions.
-
Click Options to modify the notification options as needed.
-
Click Save.
The new Qualys user with appropriate permissions to retrieve data displays on the Qualys Users page.
If you do not wish to create a new Qualys user, you can leverage an existing user with the appropriate permissions.
note
If you do not have permissions to create a new Qualys user, contact your Qualys administrator. For additional information, see Qualys documentation.
Types of data to retrieve
The data retrieved from Qualys Total Cloud falls into three main categories: Cloud Resources, Hosts, and Violations:
Cloud Resources
Cloud Resources represent infrastructure components and services discovered in your cloud environments. These can include compute services, networking components, storage resources, and more.
Table 1: Cloud Resources
| Connector Object | Required | Maps to Data Model |
|---|---|---|
| Auto Scaling Group | Yes | Cloud Resource |
| Bucket | Yes | Cloud Resource |
| Cloud Function | Yes | Cloud Resource |
| EBS Volume | Yes | Cloud Resource |
| EKS Cluster | Yes | Cloud Resource |
| EKS Fargate Profile | Yes | Cloud Resource |
| EKS Node Group | Yes | Cloud Resource |
| Firewall Rules | Yes | Cloud Resource |
| Function App | Yes | Cloud Resource |
| IAM User | Yes | Cloud Resource |
| Internet Gateway | Yes | Cloud Resource |
| Lambda | Yes | Cloud Resource |
| Load Balancer | Yes | Cloud Resource |
| Network | Yes | Cloud Resource |
| Network ACL | Yes | Cloud Resource |
| Network Security Group | Yes | Cloud Resource |
| RDS | Yes | Cloud Resource |
| Resource Group | Yes | Cloud Resource |
| Route Table | Yes | Cloud Resource |
| SQL Server Database | Yes | Cloud Resource |
| Subnet | Yes | Cloud Resource |
| Subnetwork | Yes | Cloud Resource |
| Virtual Network | Yes | Cloud Resource |
| VPC | Yes | Cloud Resource |
| VPC Security Group | Yes | Cloud Resource |
| Web App | Yes | Cloud Resource |
Hosts
Violations
Violations represent security issues, policy misconfigurations, or compliance failures identified in your cloud environment. Violation Definitions describe the rules or policies used to detect these violations.
Table 3: Violations
| Connector Object | Required | Maps to Data Model |
|---|---|---|
| Violation | Yes | Violation |
| Violation Definition | Yes | Violation Definition |
Attribute mappings
Cloud resources
Expand the sections below to view the mappings between the Cloud Resource object types from Qualys Total Cloud and the Brinqa data model attributes:
Cloud Resources
Auto Scaling Group
Table 4: Auto Scaling Group attribute mappings
| Source Field Name | Maps to Attribute |
|---|---|
| accountAlias | Local variable |
| arn | Local variable |
| availabilityZones | Local variable |
| cidrBlock | Local variable |
| cloudAccountId | cloudAccountId |
| cloudType | cloudProvider |
| connectorUuid | Local variable |
| connectorUuids | Local variable |
| created | dateCreated |
| createdOn | Local variable |
| createdTime | Local variable |
| criticalityScore | Local variable |
| customerId | Local variable |
| customers | Local variable |
| description | description |
| displayName | displayName |
| groupArn | Local variable |
| groupName | Local variable |
| healthCheckType | Local variable |
| instances | Local variable |
| ipPermissionEgressSet | Local variable |
| ipPermissionList | Local variable |
| ipv6CidrBlockAssociationSet | Local variable |
| isDefault | Local variable |
| lastUpdated | lastModified |
| launchConfigurationName | Local variable |
| loadBalancerNames | Local variable |
| qualysTags | Local variable |
| region | cloudRegion |
| remediationEnabled | Local variable |
| resourceId | Local variable |
| resourceType | Local variable |
| scanId | Local variable |
| scanUuid | Local variable |
| status | status, sourceStatus |
| subnets | Local variable |
| tags | tags |
| type | type |
| uid | uid |
| vpcId | Local variable |
Bucket
Table 5: Bucket attribute mappings
| Source Field Name | Maps to Attribute |
|---|---|
| accountAlias | Local variable |
| arn | Local variable |
| availabilityZones | Local variable |
| bucketCreationDateStr | Local variable |
| bucketName | Local variable |
| bucketOwnerId | Local variable |
| bucketPolicy | Local variable |
| cloudAccountId | cloudAccountId |
| cloudType | cloudProvider |
| connectorUuid | Local variable |
| connectorUuids | Local variable |
| created | dateCreated |
| createdOn | Local variable |
| criticalityScore | Local variable |
| customerId | Local variable |
| customers | Local variable |
| description | description |
| displayName | displayName |
| ipPermissionEgressSet | Local variable |
| ipPermissionList | Local variable |
| ipv6CidrBlockAssociationSet | Local variable |
| isDefault | Local variable |
| lastUpdated | lastModified |
| ownerName | Local variable |
| qualysTags | Local variable |
| region | cloudRegion |
| remediationEnabled | Local variable |
| resourceId | Local variable |
| resourceType | Local variable |
| s3GrantList | Local variable |
| scanId | Local variable |
| scanUuid | Local variable |
| status | status, sourceStatus |
| subnets | Local variable |
| tags | tags |
| type | type |
| uid | uid |
| vpcId | Local variable |
Cloud Function
Table 6: Cloud Function attribute mappings
| Source Field Name | Maps to Attribute |
|---|---|
| arsScore | Local variable |
| categories | categories |
| cloudType | cloudProvider |
| connectorUuid | Local variable |
| connectorUuids | Local variable |
| created | sourceCreatedDate |
| creationTimeStamp | Local variable |
| criticalityScore | Local variable |
| customerId | Local variable |
| customers | Local variable |
| description | description |
| ipCidrRange | Local variable |
| lastUpdated | lastUpdated |
| network | Local variable |
| projectId | Local variable |
| projectNumber | Local variable |
| qualysTags | Local variable |
| region | cloudRegion |
| remediationEnabled | Local variable |
| resourceId | Local variable |
| scanUuid | Local variable |
| status | status, sourceStatus |
| subnetworks | Local variable |
| type | type |
| uuid | uid |
| version | Local variable |
EBS Volume
Table 7: EBS Volume attribute mappings
| Source Field Name | Maps to Attribute |
|---|---|
| accountAlias | Local variable |
| arn | Local variable |
| attachments | Local variable |
| availabilityZones | Local variable |
| cidrBlock | Local variable |
| cloudAccountId | cloudAccountId |
| cloudType | cloudProvider |
| connectorUuid | Local variable |
| connectorUuids | Local variable |
| createTime | dateCreated |
| created | sourceCreatedDate |
| createdOn | Local variable |
| criticalityScore | Local variable |
| customerId | Local variable |
| customers | Local variable |
| description | description |
| displayName | displayName |
| encrypted | Local variable |
| iops | Local variable |
| ipv6CidrBlockAssociationSet | Local variable |
| isDefault | Local variable |
| isSnapshotEnabled | Local variable |
| kmsKeyId | Local variable |
| lastUpdated | lastUpdated |
| qualysTags | Local variable |
| region | cloudRegion |
| remediationEnabled | Local variable |
| resourceId | Local variable |
| resourceType | Local variable |
| scanId | Local variable |
| scanUuid | Local variable |
| size | Local variable |
| snapshotId | Local variable |
| state | Local variable |
| status | status, sourceStatus |
| subnets | Local variable |
| tags | tags |
| type | type |
| uid | uid |
| volumeId | Local variable |
| volumeType | Local variable |
| vpcId | Local variable |
EKS Cluster
Table 8: EKS Cluster attribute mappings
| Source Field Name | Maps to Attribute |
|---|---|
| accountAlias | Local variable |
| arn | Local variable |
| associations.resourcesVpcConfig.clusterSecurityGroupId | Local variable |
| associations.resourcesVpcConfig.securityGroupIds | Local variable |
| associations.resourcesVpcConfig.subnetIds | Local variable |
| associations.resourcesVpcConfig.vpcId | Local variable |
| availabilityZones | Local variable |
| cidrBlock | Local variable |
| cloudAccountId | cloudAccountId |
| cloudType | cloudProvider |
| connectorId | Local variable |
| connectorUuid | Local variable |
| connectorUuids | Local variable |
| created | sourceCreatedDate |
| createdOn | Local variable |
| criticalityScore | Local variable |
| customerId | Local variable |
| customers | Local variable |
| description | description |
| displayName | displayName |
| endpoint | Local variable |
| identity | Local variable |
| ipv6CidrBlockAssociationSet | Local variable |
| isDefault | Local variable |
| lastUpdated | lastUpdated |
| platformVersion | Local variable |
| qualysTags | Local variable |
| region | cloudRegion |
| remediationEnabled | Local variable |
| resourceId | Local variable |
| resourceType | Local variable |
| resourcesVpcConfig.endpointPrivateAccess | Local variable |
| resourcesVpcConfig.endpointPublicAccess | Local variable |
| roleArn | Local variable |
| roleName | Local variable |
| scanId | Local variable |
| scanUuid | Local variable |
| status | status, sourceStatus |
| subnets | Local variable |
| tags | tags |
| type | type |
| uid | uid |
| vpcId | Local variable |
| version | Local variable |
EKS Fargate Profile
Table 9: EKS Fargate Profile attribute mappings
| Source Field Name | Maps to Attribute |
|---|---|
| accountAlias | Local variable |
| arn | Local variable |
| availabilityZones | Local variable |
| arsScore | Local variable |
| categories | categories |
| cidrBlock | Local variable |
| cloudAccountId | cloudAccountId |
| cloudType | cloudProvider |
| connectorUuid | Local variable |
| connectorUuids | Local variable |
| created | dateCreated |
| createdOn | Local variable |
| criticalityScore | Local variable |
| customerId | Local variable |
| customers | Local variable |
| description | description |
| displayName | displayName |
| instances | Local variable |
| ipv6CidrBlockAssociationSet | Local variable |
| isDefault | Local variable |
| lastUpdated | lastUpdated |
| qualysTags | Local variable |
| region | cloudRegion |
| remediationEnabled | Local variable |
| resourceId | Local variable |
| resourceType | Local variable |
| scanId | Local variable |
| scanUuid | Local variable |
| status | status, sourceStatus |
| subnets | Local variable |
| tags | tags |
| type | type |
| uid | uid |
| vpcId | Local variable |
| version | Local variable |
EKS Node Group
Table 10: EKS Node Group attribute mappings
| Source Field Name | Maps to Attribute |
|---|---|
| accountAlias | Local variable |
| amiType | Local variable |
| arn | Local variable |
| associations.clusterArn | Local variable |
| associations.clusterName | Local variable |
| associations.resources.autoScalingGroups.name | Local variable |
| associations.resources.remoteAccessSecurityGroup | Local variable |
| associations.remoteAccess.sourceSecurityGroups | Local variable |
| associations.subnets | Local variable |
| availabilityZones | Local variable |
| capacityType | Local variable |
| categories | categories |
| cidrBlock | Local variable |
| cloudAccountId | cloudAccountId |
| cloudType | cloudProvider |
| connectorId | Local variable |
| connectorUuid | Local variable |
| connectorUuids | Local variable |
| created | sourceCreatedDate |
| createdOn | Local variable |
| criticalityScore | Local variable |
| customerId | Local variable |
| customers | Local variable |
| description | description |
| diskSize | Local variable |
| displayName | displayName |
| instanceTypes | Local variable |
| ipv6CidrBlockAssociationSet | Local variable |
| isDefault | Local variable |
| labels.owner | Local variable |
| lastUpdated | lastUpdated |
| launchTemplate.id | Local variable |
| launchTemplate.name | Local variable |
| launchTemplate.version | Local variable |
| nodeRole | Local variable |
| nodeRoleName | Local variable |
| qualysTags | Local variable |
| region | cloudRegion |
| releaseVersion | Local variable |
| remediationEnabled | Local variable |
| resourceId | Local variable |
| resourceType | Local variable |
| scanId | Local variable |
| scanUuid | Local variable |
| scalingConfig.desiredSize | Local variable |
| scalingConfig.maxSize | Local variable |
| scalingConfig.minSize | Local variable |
| status | status, sourceStatus |
| subnets | Local variable |
| tags | tags |
| type | type |
| uid | uid |
| vpcId | Local variable |
| version | Local variable |
Firewall Rules
Table 11: Firewall Rules attribute mappings
| Source Field Name | Maps to Attribute |
|---|---|
| allowed | Local variable |
| arsScore | Local variable |
| categories | categories |
| cloudType | cloudProvider |
| connectorUuid | Local variable |
| connectorUuids | Local variable |
| created | sourceCreatedDate |
| creationTimeStamp | Local variable |
| criticalityScore | Local variable |
| customerId | Local variable |
| customers | Local variable |
| description | description |
| ipCidrRange | Local variable |
| lastUpdated | lastUpdated |
| network | Local variable |
| projectId | Local variable |
| projectNumber | Local variable |
| qualysTags | Local variable |
| region | cloudRegion |
| remediationEnabled | Local variable |
| resourceId | Local variable |
| scanUuid | Local variable |
| sourceRanges | Local variable |
| sourceTags | Local variable |
| status | status, sourceStatus |
| subnetworks | Local variable |
| tags | tags |
| targetTags | Local variable |
| type | type |
| uuid | uid |
| version | Local variable |
Function App
Table 12: Function App attribute mappings
| Source Field Name | Maps to Attribute |
|---|---|
| appServicePlan | Local variable |
| arsScore | Local variable |
| availabilityState | Local variable |
| categories | categories |
| clientAffinityEnabled | Local variable |
| clientCertEnabled | Local variable |
| cloudType | cloudProvider |
| connectorUuid | Local variable |
| connectorUuids | Local variable |
| created | sourceCreatedDate |
| criticalityScore | Local variable |
| customerId | Local variable |
| customers | Local variable |
| defaultHostName | Local variable |
| deploymentId | Local variable |
| description | description |
| enabled | Local variable |
| enabledHosts | Local variable |
| functions | Local variable |
| httpsOnly | Local variable |
| key | Local variable |
| language | Local variable |
| lastUpdated | lastUpdated |
| provisioningState | Local variable |
| qualysTags | Local variable |
| redundancyMode | Local variable |
| region | cloudRegion |
| remediationEnabled | Local variable |
| repositorySiteName | Local variable |
| resourceGroupName | Local variable |
| resourceId | Local variable |
| scanUuid | Local variable |
| status | status, sourceStatus |
| subKinds | Local variable |
| subnets | Local variable |
| subscriptionId | Local variable |
| subscriptionName | Local variable |
| tags | tags |
| type | type |
| uid | uid |
| usageState | Local variable |
| version | Local variable |
IAM User
Table 13: IAM User attribute mappings
| Source Field Name | Maps to Attribute |
|---|---|
| accessKey1Active | Local variable |
| accessKey1LastRotated | Local variable |
| accessKey1LastUsed | Local variable |
| accessKey1LastUsedRegion | Local variable |
| accessKey1LastUsedService | Local variable |
| accessKey2Active | Local variable |
| accessKey2LastRotated | Local variable |
| accessKey2LastUsed | Local variable |
| accessKey2LastUsedRegion | Local variable |
| accessKey2LastUsedService | Local variable |
| amiType | Local variable |
| arn | Local variable |
| associations.clusterArn | Local variable |
| associations.clusterName | Local variable |
| associations.resources.autoScalingGroups.name | Local variable |
| associations.resources.remoteAccessSecurityGroup | Local variable |
| associations.remoteAccess.sourceSecurityGroups | Local variable |
| associations.subnets | Local variable |
| capacityType | Local variable |
| categories | categories |
| cert1Active | Local variable |
| cert2Active | Local variable |
| cert2LastRotated | Local variable |
| cloudAccountId | cloudAccountId |
| cloudType | cloudProvider |
| connectorId | Local variable |
| connectorUuid | Local variable |
| connectorUuids | Local variable |
| created | sourceCreatedDate |
| createdOn | Local variable |
| criticalityScore | Local variable |
| customerId | Local variable |
| customers | Local variable |
| description | description |
| diskSize | Local variable |
| displayName | displayName |
| inlinePolicyNames | Local variable |
| ipv6CidrBlockAssociationSet | Local variable |
| isDefault | Local variable |
| labels.owner | Local variable |
| lastUpdated | lastUpdated |
| launchTemplate.id | Local variable |
| launchTemplate.name | Local variable |
| launchTemplate.version | Local variable |
| mfaActive | Local variable |
| passwordEnabled | Local variable |
| passwordLastChanged | Local variable |
| path | Local variable |
| qualysTags | Local variable |
| region | cloudRegion |
| releaseVersion | Local variable |
| remediationEnabled | Local variable |
| resourceGroupName | Local variable |
| resourceId | Local variable |
| resourceType | Local variable |
| scanId | Local variable |
| scanUuid | Local variable |
| scalingConfig.desiredSize | Local variable |
| scalingConfig.maxSize | Local variable |
| scalingConfig.minSize | Local variable |
| status | status, sourceStatus |
| subnets | Local variable |
| tags | tags |
| type | type |
| uid | uid |
| user | Local variable |
| userAttachedPolicies | Local variable |
| userCreationTime | Local variable |
| userGroups | Local variable |
| userInlinePolicies.policyName | Local variable |
| userPolicies | Local variable |
| username | Local variable |
| version | Local variable |
| vpcId | Local variable |
Internet Gateway
Table 14: Internet Gateway attribute mappings
| Source Field Name | Maps to Attribute |
|---|---|
| accountAlias | Local variable |
| arn | Local variable |
| attachments | Local variable |
| availabilityZones | Local variable |
| cidrBlock | Local variable |
| cloudAccountId | cloudAccountId |
| cloudType | cloudProvider |
| connectorUuid | Local variable |
| connectorUuids | Local variable |
| created | dateCreated |
| createdOn | Local variable |
| criticalityScore | Local variable |
| customerId | Local variable |
| customers | Local variable |
| description | description |
| displayName | displayName |
| instances | Local variable |
| internetGatewayId | name |
| internetGatewayId | Local variable |
| ipv6CidrBlockAssociationSet | Local variable |
| isDefault | Local variable |
| lastUpdated | lastUpdated |
| qualysTags | Local variable |
| region | cloudRegion |
| remediationEnabled | Local variable |
| resourceId | Local variable |
| resourceType | Local variable |
| scanId | Local variable |
| scanUuid | Local variable |
| status | status, sourceStatus |
| subnets | Local variable |
| tags | tags |
| type | type |
| uid | uid |
| vpcId | Local variable |
| version | Local variable |
Lambda
Table 15: Lambda attribute mappings
| Source Field Name | Maps to Attribute |
|---|---|
| accountAlias | Local variable |
| arn | Local variable |
| arsScore | Local variable |
| availabilityZones | Local variable |
| categories | categories |
| cidrBlock | Local variable |
| cloudAccountId | cloudAccountId |
| cloudType | cloudProvider |
| connectorUuid | Local variable |
| connectorUuids | Local variable |
| created | dateCreated |
| createdOn | Local variable |
| criticalityScore | Local variable |
| customerId | Local variable |
| customers | Local variable |
| description | description |
| displayName | displayName |
| instances | Local variable |
| ipv6CidrBlockAssociationSet | Local variable |
| isDefault | Local variable |
| lastUpdated | lastUpdated |
| qualysTags | Local variable |
| region | region |
| remediationEnabled | Local variable |
| resourceId | Local variable |
| resourceType | Local variable |
| scanId | Local variable |
| scanUuid | Local variable |
| status | status, sourceStatus |
| subnets | Local variable |
| tags | tags |
| type | type |
| uid | uid |
| vpcId | Local variable |
| version | Local variable |
Load Balancer
Table 16: Load Balancer attribute mappings
| Source Field Name | Maps to Attribute |
|---|---|
| accountAlias | Local variable |
| arn | Local variable |
| arsScore | Local variable |
| availabilityZones | Local variable |
| categories | categories |
| cidrBlock | Local variable |
| cloudAccountId | cloudAccountId |
| cloudType | cloudProvider |
| connectorUuid | Local variable |
| connectorUuids | Local variable |
| created | dateCreated |
| createdOn | Local variable |
| criticalityScore | Local variable |
| customerId | Local variable |
| customers | Local variable |
| description | description |
| displayName | displayName |
| instances | Local variable |
| ipAddressType | Local variable |
| ipPermissionEgressSet | Local variable |
| ipPermissionList | Local variable |
| ipv6CidrBlockAssociationSet | Local variable |
| isDefault | Local variable |
| lastUpdated | lastModified |
| listeners | Local variable |
| loadBalancerArn | Local variable |
| loadBalancerName | Local variable |
| name | Local variable |
| qualysTags | Local variable |
| region | region |
| remediationEnabled | Local variable |
| resourceId | Local variable |
| resourceType | Local variable |
| scanId | Local variable |
| scanUuid | Local variable |
| scheme | Local variable |
| securityGroups | Local variable |
| status | status, sourceStatus |
| subnetAvailabilityZonePair | Local variable |
| subnets | Local variable |
| tags | tags |
| type | type |
| uid | uid |
| vpcId | Local variable |
| version | Local variable |
Network
Table 17: Network attribute mappings
| Source Field Name | Maps to Attribute |
|---|---|
| arsScore | Local variable |
| categories | categories |
| cloudType | cloudProvider |
| connectorUuid | Local variable |
| connectorUuids | Local variable |
| created | sourceCreatedDate |
| creationTimeStamp | Local variable |
| criticalityScore | Local variable |
| customerId | Local variable |
| customers | Local variable |
| description | description |
| ipCidrRange | Local variable |
| lastUpdated | lastUpdated |
| network | Local variable |
| projectId | Local variable |
| projectNumber | Local variable |
| qualysTags | Local variable |
| region | cloudRegion |
| remediationEnabled | Local variable |
| resourceId | Local variable |
| scanUuid | Local variable |
| status | status, sourceStatus |
| subnetworks | Local variable |
| type | type |
| uuid | uid |
| version | Local variable |
Network ACL
Table 18: Network ACL attribute mappings
| Source Field Name | Maps to Attribute |
|---|---|
| accountAlias | Local variable |
| arn | Local variable |
| arsScore | Local variable |
| associations | Local variable |
| availabilityZones | Local variable |
| categories | categories |
| cidrBlock | Local variable |
| cloudAccountId | cloudAccountId |
| cloudType | cloudProvider |
| connectorUuid | Local variable |
| connectorUuids | Local variable |
| created | sourceCreatedDate |
| createdOn | Local variable |
| criticalityScore | Local variable |
| customerId | Local variable |
| customers | Local variable |
| description | description |
| displayName | displayName |
| instances | Local variable |
| ipv6CidrBlockAssociationSet | Local variable |
| isDefault | Local variable |
| lastUpdated | lastUpdated |
| networkAclId | name |
| networkAclId | Local variable |
| qualysTags | Local variable |
| region | cloudRegion |
| remediationEnabled | Local variable |
| resourceId | Local variable |
| resourceType | Local variable |
| scanId | Local variable |
| scanUuid | Local variable |
| status | status, sourceStatus |
| subnets | Local variable |
| tags | tags |
| type | type |
| uid | uid |
| vpcId | Local variable |
| version | Local variable |
Network Security Group
Table 19: Network Security Group attribute mappings
| Source Field Name | Maps to Attribute |
|---|---|
| appServicePlan | Local variable |
| arsScore | Local variable |
| availabilityState | Local variable |
| categories | categories |
| clientAffinityEnabled | Local variable |
| clientCertEnabled | Local variable |
| cloudType | cloudProvider |
| connectorUuid | Local variable |
| connectorUuids | Local variable |
| created | sourceCreatedDate |
| criticalityScore | Local variable |
| customerId | Local variable |
| customers | Local variable |
| defaultHostName | Local variable |
| deploymentId | Local variable |
| description | description |
| enabled | Local variable |
| enabledHosts | Local variable |
| inboundSecurityRules | Local variable |
| key | Local variable |
| lastUpdated | lastUpdated |
| networkInterfaces | Local variable |
| outboundSecurityRules | Local variable |
| provisioningState | Local variable |
| qualysTags | Local variable |
| redundancyMode | Local variable |
| region | cloudRegion |
| remediationEnabled | Local variable |
| repositorySiteName | Local variable |
| resourceGroupName | Local variable |
| resourceId | Local variable |
| scanUuid | Local variable |
| status | status, sourceStatus |
| subKinds | Local variable |
| subnets | Local variable |
| subscriptionId | Local variable |
| subscriptionName | Local variable |
| tags | tags |
| type | type |
| uid | uid |
| usageState | Local variable |
| version | Local variable |
RDS
Table 20: RDS attribute mappings
| Source Field Name | Maps to Attribute |
|---|---|
| accountAlias | Local variable |
| arn | Local variable |
| arsScore | Local variable |
| availabilityZones | Local variable |
| backupRetentionPeriod | Local variable |
| caCertificateIdentifier | Local variable |
| categories | categories |
| cidrBlock | Local variable |
| cloudAccountId | cloudAccountId |
| cloudType | cloudProvider |
| connectorUuid | Local variable |
| connectorUuids | Local variable |
| created | sourceCreatedDate |
| createdOn | Local variable |
| criticalityScore | Local variable |
| customerId | Local variable |
| customers | Local variable |
| dbClusterIdentifier | name |
| dbClusterIdentifier | Local variable |
| dbInstanceIdentifier | Local variable |
| dbInstancePort | Local variable |
| dbName | Local variable |
| dbSecurityGroupList | Local variable |
| dbiResourceId | Local variable |
| description | description |
| displayName | displayName |
| encrypted | Local variable |
| endpoint.address | Local variable |
| endpoint.hostedZoneId | Local variable |
| endpoint.port | Local variable |
| engine | Local variable |
| engineVersion | Local variable |
| enhancedMonitoringEnabled | Local variable |
| iamDatabaseAuthenticationEnabled | Local variable |
| instanceClass | Local variable |
| instanceCreatedTime | Local variable |
| isDefault | Local variable |
| ipv6CidrBlockAssociationSet | Local variable |
| kmsKeyId | Local variable |
| lastUpdated | lastUpdated |
| latestRestorableTime | Local variable |
| licenseModel | Local variable |
| masterUsername | Local variable |
| multiAZ | Local variable |
| preferredBackupWindow | Local variable |
| preferredMaintenanceWindow | Local variable |
| publiclyAccessible | Local variable |
| qualysTags | Local variable |
| region | cloudRegion |
| remediationEnabled | Local variable |
| repositorySiteName | Local variable |
| resourceGroupName | Local variable |
| resourceId | Local variable |
| resourceType | Local variable |
| scanId | Local variable |
| scanUuid | Local variable |
| securityGroupId | Local variable |
| status | status, sourceStatus |
| storageType | Local variable |
| subnetGroup.dbSubnetGroupArn | Local variable |
| subnetGroup.dbSubnetGroupName | Local variable |
| subnetGroup.dbSubnetGroupStatus | Local variable |
| subnetGroup.dbSubnetVpcId | Local variable |
| subnetGroup.subnetList | Local variable |
| subnetId | Local variable |
| subnets | Local variable |
| tags | tags |
| type | type |
| uid | uid |
| version | Local variable |
| vpcId | Local variable |
Resource Group
Table 21: Resource Group attribute mappings
| Source Field Name | Maps to Attribute |
|---|---|
| appServicePlan | Local variable |
| arsScore | Local variable |
| availabilityState | Local variable |
| categories | categories |
| clientAffinityEnabled | Local variable |
| clientCertEnabled | Local variable |
| cloudType | cloudProvider |
| connectorUuid | Local variable |
| connectorUuids | Local variable |
| created | sourceCreatedDate |
| criticalityScore | Local variable |
| customerId | Local variable |
| customers | Local variable |
| defaultHostName | Local variable |
| deploymentId | Local variable |
| description | description |
| enabled | Local variable |
| enabledHosts | Local variable |
| key | Local variable |
| lastUpdated | lastUpdated |
| provisioningState | Local variable |
| qualysTags | Local variable |
| redundancyMode | Local variable |
| region | cloudRegion |
| remediationEnabled | Local variable |
| repositorySiteName | Local variable |
| resourceGroupName | Local variable |
| resourceId | Local variable |
| scanUuid | Local variable |
| status | status, sourceStatus |
| subKinds | Local variable |
| subnets | Local variable |
| subscriptionId | Local variable |
| subscriptionName | Local variable |
| tags | tags |
| type | type |
| uid | uid |
| usageState | Local variable |
| version | Local variable |
Route Table
Table 22: Route Table attribute mappings
| Source Field Name | Maps to Attribute |
|---|---|
| accountAlias | Local variable |
| arn | Local variable |
| arsScore | Local variable |
| associations | Local variable |
| availabilityZones | Local variable |
| categories | categories |
| cidrBlock | Local variable |
| cloudAccountId | cloudAccountId |
| cloudType | cloudProvider |
| connectorUuid | Local variable |
| connectorUuids | Local variable |
| created | sourceCreatedDate |
| createdOn | Local variable |
| criticalityScore | Local variable |
| customerId | Local variable |
| customers | Local variable |
| description | description |
| displayName | displayName |
| instances | Local variable |
| ipv6CidrBlockAssociationSet | Local variable |
| isDefault | Local variable |
| lastUpdated | lastUpdated |
| qualysTags | Local variable |
| region | cloudRegion |
| remediationEnabled | Local variable |
| resourceId | Local variable |
| resourceType | Local variable |
| routeDtos | Local variable |
| routeTableId | name |
| routeTableId | Local variable |
| routes | Local variable |
| scanId | Local variable |
| scanUuid | Local variable |
| status | status, sourceStatus |
| subnets | Local variable |
| tags | tags |
| type | type |
| uid | uid |
| vpcId | Local variable |
| version | Local variable |
SQL Server Database
Table 23: SQL Server Database attribute mappings
| Source Field Name | Maps to Attribute |
|---|---|
| accountAlias | Local variable |
| appServicePlan | Local variable |
| arsScore | Local variable |
| availabilityState | Local variable |
| categories | categories |
| clientAffinityEnabled | Local variable |
| clientCertEnabled | Local variable |
| cloudType | cloudProvider |
| collation | Local variable |
| connectorUuid | Local variable |
| connectorUuids | Local variable |
| created | sourceCreatedDate |
| criticalityScore | Local variable |
| customerId | Local variable |
| customers | Local variable |
| defaultHostName | Local variable |
| defaultSecondaryLocation | Local variable |
| deploymentId | Local variable |
| description | description |
| edition | Local variable |
| earliestRestoreDate | Local variable |
| enabled | Local variable |
| enabledHosts | Local variable |
| id | Local variable |
| key | Local variable |
| lastUpdated | lastUpdated |
| parentId | Local variable |
| provisioningState | Local variable |
| qualysTags | Local variable |
| redundancyMode | Local variable |
| region | cloudRegion |
| remediationEnabled | Local variable |
| repositorySiteName | Local variable |
| resourceGroupName | Local variable |
| resourceId | Local variable |
| scanUuid | Local variable |
| status | status, sourceStatus |
| subKinds | Local variable |
| subnets | Local variable |
| subscriptionId | Local variable |
| subscriptionName | Local variable |
| tags | tags |
| type | type |
| uid | uid |
| usageState | Local variable |
| version | Local variable |
Subnet
Table 23: Subnet attribute mappings
| Source Field Name | Maps to Attribute |
|---|---|
| accountAlias | Local variable |
| arsScore | Local variable |
| assignIpv6AddressOnCreation | Local variable |
| availabilityZones | Local variable |
| availableIpAddressCount | Local variable |
| categories | Local variable |
| cidrBlock | Local variable |
| cloudAccountId | Local variable |
| cloudType | Local variable |
| connectorUuid | Local variable |
| connectorUuids | Local variable |
| controlsFailed | Local variable |
| created | Local variable |
| createdOn | Local variable |
| criticalityScore | Local variable |
| customerId | Local variable |
| customers | Local variable |
| defaultForAz | Local variable |
| description | Local variable |
| displayName | Local variable |
| ipPermissionEgressSet | Local variable |
| ipPermissionList | Local variable |
| ipv6CidrBlockAssociationSet | Local variable |
| isDefault | Local variable |
| lastUpdated | Local variable |
| mapPublicIpOnLaunch | Local variable |
| qualysTags | Local variable |
| region | Local variable |
| remediationEnabled | Local variable |
| resourceId | Local variable |
| resourceType | Local variable |
| scanId | Local variable |
| scanUuid | Local variable |
| status | Local variable, Local variable |
| subnetId | Local variable, Local variable |
| subnets | Local variable |
| tags | Local variable |
| type | Local variable |
| uuid | Local variable |
| vpcId | Local variable |
| version | Local variable |
Subnetwork
Table 24: Subnetwork attribute mappings
| Source Field Name | Maps to Attribute |
|---|---|
| arsScore | Local variable |
| categories | categories |
| cloudType | cloudProvider |
| connectorUuid | Local variable |
| connectorUuids | Local variable |
| created | sourceCreatedDate |
| creationTimeStamp | Local variable |
| criticalityScore | Local variable |
| customerId | Local variable |
| customers | Local variable |
| description | description |
| ipCidrRange | Local variable |
| lastUpdated | lastUpdated |
| network | Local variable |
| projectId | Local variable |
| projectNumber | Local variable |
| qualysTags | Local variable |
| region | cloudRegion |
| remediationEnabled | Local variable |
| resourceId | Local variable |
| scanUuid | Local variable |
| status | status, sourceStatus |
| subnetworks | Local variable |
| type | type |
| uid | uid |
| version | Local variable |
Virtual Network
Table 25: Virtual Network attribute mappings
| Source Field Name | Maps to Attribute |
|---|---|
| addressPrefixes | Local variable |
| addressSpaces | Local variable |
| appServicePlan | Local variable |
| arsScore | Local variable |
| availabilityState | Local variable |
| categories | categories |
| clientAffinityEnabled | Local variable |
| clientCertEnabled | Local variable |
| cloudType | cloudProvider |
| connectorUuid | Local variable |
| connectorUuids | Local variable |
| created | sourceCreatedDate |
| criticalityScore | Local variable |
| customerId | Local variable |
| customers | Local variable |
| defaultHostName | Local variable |
| deploymentId | Local variable |
| description | description |
| dnsServerIPs | Local variable |
| dnsServers | Local variable |
| enabled | Local variable |
| enabledHosts | Local variable |
| key | Local variable |
| lastUpdated | lastUpdated |
| provisioningState | Local variable |
| qualysTags | Local variable |
| redundancyMode | Local variable |
| region | cloudRegion |
| remediationEnabled | Local variable |
| repositorySiteName | Local variable |
| resourceGroupName | Local variable |
| resourceId | Local variable |
| scanUuid | Local variable |
| status | status, sourceStatus |
| subKinds | Local variable |
| subnets | Local variable |
| subscriptionId | Local variable |
| subscriptionName | Local variable |
| tags | tags |
| type | type |
| uid | uid |
| usageState | Local variable |
| version | Local variable |
VPC
Table 26: VPC attribute mappings
| Source Field Name | Maps to Attribute |
|---|---|
| accountAlias | Local variable |
| arn | Local variable |
| arsScore | Local variable |
| availabilityZones | Local variable |
| categories | categories |
| cidrBlock | Local variable |
| cloudAccountId | cloudAccountId |
| cloudType | cloudProvider |
| connectorUuid | Local variable |
| connectorUuids | Local variable |
| controlsFailed | Local variable |
| created | sourceCreatedDate |
| createdOn | Local variable |
| criticalityScore | Local variable |
| customerId | Local variable |
| customers | Local variable |
| description | description |
| displayName | displayName |
| instanceTenancy | Local variable |
| instances | Local variable |
| ipPermissionEgressSet | Local variable |
| ipPermissionList | Local variable |
| ipv6CidrBlockAssociationSet | Local variable |
| isDefault | Local variable |
| lastUpdated | lastUpdated |
| qualysTags | Local variable |
| region | cloudRegion |
| remediationEnabled | Local variable |
| resourceId | Local variable |
| resourceType | Local variable |
| scanId | Local variable |
| scanUuid | Local variable |
| status | status, sourceStatus |
| subnets | Local variable |
| tags | tags |
| type | type |
| uid | uid |
| version | Local variable |
| vpcId | name |
VPC Security Group
Table 27: VPC Security Group attribute mappings
| Source Field Name | Maps to Attribute |
|---|---|
| accountAlias | Local variable |
| arn | Local variable |
| arsScore | Local variable |
| availabilityZones | Local variable |
| categories | categories |
| cidrBlock | Local variable |
| cloudAccountId | cloudAccountId |
| cloudType | cloudProvider |
| connectorUuid | Local variable |
| connectorUuids | Local variable |
| controlsFailed | Local variable |
| created | sourceCreatedDate |
| createdOn | Local variable |
| criticalityScore | Local variable |
| customerId | Local variable |
| customers | Local variable |
| description | description |
| displayName | displayName |
| groupId | Local variable |
| groupName | Local variable |
| instances | Local variable |
| ipPermissionEgressSet | Local variable |
| ipPermissionList | Local variable |
| ipv6CidrBlockAssociationSet | Local variable |
| isDefault | Local variable |
| lastUpdated | lastUpdated |
| qualysTags | Local variable |
| region | cloudRegion |
| remediationEnabled | Local variable |
| resourceId | Local variable |
| resourceType | Local variable |
| scanId | Local variable |
| scanUuid | Local variable |
| status | status, sourceStatus |
| subnets | Local variable |
| tags | tags |
| type | type |
| uid | uid |
| vulnerable | Local variable |
| vpcId | Local variable |
| version | Local variable |
Web App
Table 28: Web App attribute mappings
| Source Field Name | Maps to Attribute |
|---|---|
| appServicePlan | Local variable |
| arsScore | Local variable |
| availabilityState | Local variable |
| categories | categories |
| clientAffinityEnabled | Local variable |
| clientCertEnabled | Local variable |
| cloudType | cloudProvider |
| connectorUuid | Local variable |
| connectorUuids | Local variable |
| created | sourceCreatedDate |
| criticalityScore | Local variable |
| customerId | Local variable |
| customers | Local variable |
| defaultHostName | Local variable |
| deploymentId | Local variable |
| description | description |
| enabled | Local variable |
| enabledHosts | Local variable |
| httpsOnly | Local variable |
| key | Local variable |
| lastUpdated | lastUpdated |
| provisioningState | Local variable |
| qualysTags | Local variable |
| redundancyMode | Local variable |
| region | cloudRegion |
| remediationEnabled | Local variable |
| repositorySiteName | Local variable |
| resourceGroupName | Local variable |
| resourceId | Local variable |
| scanUuid | Local variable |
| status | status, sourceStatus |
| subKinds | Local variable |
| subnets | Local variable |
| subscriptionId | Local variable |
| subscriptionName | Local variable |
| tags | tags |
| type | type |
| uid | uid |
| usageState | Local variable |
| version | Local variable |
Hosts
Expand the sections below to view the mappings between the Host object types from Qualys Total Cloud and the Brinqa data model attributes:
EC2 Instance
Table 29: EC2 Instance attribute mappings
| Source Field Name | Maps to Attribute |
|---|---|
| accountAlias | Local variable |
| arsScore | Local variable |
| availabilityZones | Local variable |
| categories | categories |
| cidrBlock | Local variable |
| cloudAccountId | cloudAccountId |
| cloudType | cloudProvider |
| connectorUuid | Local variable |
| connectorUuids | Local variable |
| controlsFailed | Local variable |
| created | dateCreated |
| createdOn | Local variable |
| criticalityScore | Local variable |
| customerId | Local variable |
| customers | Local variable |
| description | description |
| displayName | displayName |
| elasticIpAddress | Local variable |
| events | Local variable |
| iamInstanceProfileRoleDetails.profileArn | Local variable |
| iamInstanceProfileRoleDetails.profileName | Local variable |
| iamInstanceProfileRoleDetails.roleArn | Local variable |
| iamInstanceProfileRoleDetails.roleName | Local variable |
| imageId | hostImage |
| instanceId | cloudInstanceID |
| instanceState | Local variable |
| instanceStatus | Local variable |
| instanceType | Local variable |
| ipAddress | ipAddresses |
| ipPermissionEgressSet | Local variable |
| ipPermissionList | Local variable |
| ipv6CidrBlockAssociationSet | Local variable |
| isDefault | Local variable |
| key | Local variable |
| lastUpdated | lastUpdated |
| launchTime | Local variable |
| networkInterfaceAddresses | Local variable |
| privateDnsName | privateDnsName |
| privateIpAddress | privateIpAddresses |
| publicDnsName | publicDnsName |
| publicIpAddress | publicIpAddresses |
| qualysTags | Local variable |
| region | cloudRegion |
| remediationEnabled | Local variable |
| repositorySiteName | Local variable |
| resourceId | Local variable |
| resourceType | Local variable |
| scanId | Local variable |
| scanUuid | Local variable |
| secondaryPrivateIpAddress | Local variable |
| securityGroups | Local variable |
| spotInstanceRequestId | Local variable |
| status | status, sourceStatus |
| subnetId | Local variable |
| subnets | Local variable |
| tags | tags |
| type | type |
| uid | uid |
| version | Local variable |
| vpcId | Local variable |
| vulnerabilityStats.severity.2 | Local variable |
| vulnerabilityStats.severity.3 | Local variable |
| vulnerabilityStats.severity.4 | Local variable |
| vulnerabilityStats.severity.5 | Local variable |
| vulnerabilityStats.totalVulnerability | Local variable |
| vulnerabilityStats.typeDetected.confirmed | Local variable |
| vulnerabilityStats.typeDetected.information | Local variable |
| vulnerabilityStats.typeDetected.potential | Local variable |
SQL Server
Table 30: SQL Server attribute mappings
| Source Field Name | Maps to Attribute |
|---|---|
| appServicePlan | Local variable |
| arsScore | Local variable |
| availabilityState | Local variable |
| categories | categories |
| clientAffinityEnabled | Local variable |
| clientCertEnabled | Local variable |
| cloudType | cloudProvider |
| connectorUuid | Local variable |
| connectorUuids | Local variable |
| controlsFailed | Local variable |
| created | sourceCreatedDate |
| criticalityScore | Local variable |
| customerId | Local variable |
| customers | Local variable |
| databases | Local variable |
| defaultHostName | Local variable |
| deploymentId | Local variable |
| description | description |
| dns_names | dns_names, Local variable (FQDN) |
| enabled | Local variable |
| enabledHosts | Local variable |
| fqdn | dns_names, Local variable (FQDN) |
| httpsOnly | Local variable |
| key | Local variable |
| lastUpdated | lastUpdated |
| provisioningState | Local variable |
| qualysTags | Local variable |
| redundancyMode | Local variable |
| region | cloudRegion |
| remediationEnabled | Local variable |
| repositorySiteName | Local variable |
| resourceGroupName | Local variable |
| resourceId | hostnames, Local variable (RESOURCE_ID) |
| scanUuid | Local variable |
| status | status, sourceStatus |
| subKinds | Local variable |
| subnets | Local variable |
| subscriptionId | Local variable |
| subscriptionName | Local variable |
| tags | tags |
| type | type |
| uid | uid |
| usageState | Local variable |
| version | Local variable |
Virtual Machine
Table 31: Virtual Machine attribute mappings
| Source Field Name | Maps to Attribute |
|---|---|
| appServicePlan | Local variable |
| arsScore | Local variable |
| availabilityState | Local variable |
| categories | categories |
| clientAffinityEnabled | Local variable |
| clientCertEnabled | Local variable |
| cloudType | cloudProvider |
| computerName | Local variable |
| connectorUuid | Local variable |
| connectorUuids | Local variable |
| controlsFailed | Local variable |
| created | sourceCreatedDate |
| criticalityScore | Local variable |
| customerId | Local variable |
| customers | Local variable |
| defaultHostName | Local variable |
| deploymentId | Local variable |
| description | description |
| enabled | Local variable |
| enabledHosts | Local variable |
| httpsOnly | Local variable |
| key | Local variable |
| lastUpdated | lastUpdated |
| primaryPrivateIPAddress | Local variable (PRIVATE_IP_ADDRESSES) |
| primaryPublicIPAddress | Local variable (PUBLIC_IP_ADDRESSES) |
| provisioningState | Local variable |
| qualysTags | Local variable |
| redundancyMode | Local variable |
| region | cloudRegion |
| remediationEnabled | Local variable |
| repositorySiteName | Local variable |
| resourceGroupName | Local variable |
| resourceId | Local variable |
| scanUuid | Local variable |
| statuses | Local variable |
| status | status, sourceStatus |
| subKinds | Local variable |
| subnets | Local variable |
| subscriptionId | Local variable |
| subscriptionName | Local variable |
| tags | tags |
| type | type |
| uid | uid |
| usageState | Local variable |
| version | Local variable |
| vulnerabilityStats | Local variable (VULNERABILITY_STAT_SEVERITY_TWO) |
| vulnerabilityStats | Local variable (VULNERABILITY_STAT_SEVERITY_THREE) |
| vulnerabilityStats | Local variable (VULNERABILITY_STAT_SEVERITY_FOUR) |
| vulnerabilityStats | Local variable (VULNERABILITY_STAT_SEVERITY_FIVE) |
| vulnerabilityStats | Local variable (VULNERABILITY_STAT_TYPE_DETECTED_CONFIRMED) |
| vulnerabilityStats | Local variable (VULNERABILITY_STAT_TYPE_DETECTED_POTENTIAL) |
| vulnerabilityStats | Local variable (VULNERABILITY_STAT_TYPE_DETECTED_INFORMATION) |
| vulnerabilityStats | Local variable (VULNERABILITY_STAT_TOTAL_VULNERABILITY) |
VM Instance
Table 32: VM Instance attribute mappings
| Source Field Name | Maps to Attribute |
|---|---|
| arsScore | Local variable |
| categories | categories |
| cloudType | cloudProvider |
| connectorUuid | Local variable |
| connectorUuids | Local variable |
| created | sourceCreatedDate |
| creationTimeStamp | Local variable |
| criticalityScore | Local variable |
| customerId | Local variable |
| customers | Local variable |
| description | description |
| ipCidrRange | Local variable |
| lastUpdated | lastUpdated |
| network | Local variable |
| projectId | Local variable |
| projectNumber | Local variable |
| qualysTags | Local variable |
| region | cloudRegion |
| remediationEnabled | Local variable |
| resourceId | Local variable |
| scanUuid | Local variable |
| status | status, sourceStatus |
| subnetworks | Local variable |
| type | type |
| uid | uid |
| version | Local variable |
Violations
Expand the sections below to view the mappings between the Violation object types from Qualys Total Cloud and the Brinqa data model attributes:
Violation
Table 33: Violation attribute mappings
| Source Field Name | Maps to Attribute |
|---|---|
| accountId | Local variable |
| cid | type |
| connectorId | Local variable |
| evaluationDates.dateFixed | lastFixed |
| evaluationDates.dateReopen | Local variable |
| evaluationDates.firstEvaluated | firstFound |
| evaluationDates.lastEvaluated | lastFound |
| evidences | results |
| id | uid |
| id | name |
| region | Local variable |
| resourceId | targets |
| resourceId | Local variable |
| resourceType | Local variable |
| result | status, statusCategory |
| evaluatedOn | lastAssessed |
Violation Definition
Table 34: Violation Definition attribute mappings
| Source Field Name | Maps to Attribute |
|---|---|
| buildTimeRemediation | Local variable |
| cid | uid |
| controlName | name |
| controlType | Local variable |
| created | dateCreated |
| criticality | severity(normalized), sourceSeverity, severityScore |
| evaluation.evaluationCriteria | Local variable |
| evaluation.evaluationDescription | Local variable |
| evaluation.failMessage | Local variable |
| evaluation.passMessage | Local variable |
| executionType | Local variable |
| isCustomizable | Local variable |
| manualRemediation | recommendation |
| modified | lastUpdated |
| policyNames | Local variable |
| provider | Local variable |
| rationale | Local variable |
| references | references |
| remediationEnabled | Local variable |
| resourceType | Local variable |
| serviceType | Local variable |
| specification | Local variable |
| templateType | Local variable |
| workflowBased | Local variable |
Additional settings
The Qualys Total Cloud connector contains additional options for specific configuration:
-
Page size: The maximum number of records to get per API request. The default setting is 300. It is not recommended to go over 300.
-
Parallel requests: The maximum number of parallel API requests. The default setting is 2.
-
Maximum retries: The maximum number of times that the integration attempts to connect to the Qualys API before giving up and reporting a failure. The default setting is 5.
Operation options
The Qualys Total Cloud connector supports the following operation options. See connector operation options for information about how to apply them.
Table 35: Qualys Total Cloud connector operation options
| Connector Object | Option | All Possible Values | Description | Example |
|---|---|---|---|---|
| Violation | control.criticality | LOW, MEDIUM, HIGH | A comma-separated list of criticality levels. Limit retrieved violations by the specified criticality level(s). | Key: control.criticality Value: MEDIUM,HIGH. This key and value combination only retrieves violation definitions with a criticality level of MEDIUM or HIGH. |
| control.result | PASS, FAIL | A comma-separated list of evaluation result values. Limit retrieved violations by the specified result(s). | Key: control.result Value: FAIL. This key and value combination only retrieves violations with a result of FAIL. | |
| provider | AWS, AZURE, GCP | A comma-separated list of cloud provider names. Limit retrieved violations by the specified provider(s). | Key: provider Value: AWS,GCP. This key and value combination only retrieves violation definitions associated with the specified cloud providers. | |
| Violation Definition | control.criticality | LOW, MEDIUM, HIGH | A comma-separated list of criticality levels. Limit retrieved violation definitions by the specified criticality level(s). | Key: control.criticality Value: MEDIUM,HIGH. This key and value combination only retrieves violation definitions with a criticality level of MEDIUM or HIGH. |
| policy.name | Any Qualys Total Cloud policy name | A comma-separated list of policy names. Limit retrieved violation definitions by the specified policy name(s). For additional information on policies, see Qualys documentation. | Key: policy.name Value: CIS Google Cloud Platform Foundation Benchmark,CIS Amazon Web Services Foundations Benchmark. This key and value combination only retrieves violation definitions associated with the specified policy names. | |
| provider | AWS, AZURE, GCP | A comma-separated list of cloud provider names. Limit retrieved violation definitions by the specified provider(s). | Key: provider Value: AWS,AZURE. This key and value combination only retrieves violation definitions associated with the specified cloud providers. | |
| resource.type | Any AWS, Azure, or GCP resource type | A comma-separated list of resource types. Limit retrieved violation definitions by the specified resource type(s). | Key: resource.type Value: EKS_CLUSTER,SQL_SERVER,VM_INSTANCE. This key and value combination only retrieves violation definitions associated with the specified resource types. |
APIs
The Qualys Total Cloud connector uses the Qualys Total Cloud API v1. Specifically, it uses the following endpoints:
Table 36: Qualys Total Cloud API Endpoints
| Connector Object | API Endpoints |
|---|---|
| Cloud Resources | GET /rest/v1/resource/{resourceType}/{cloudType} |
| Hosts | GET /rest/v1/resource/{resourceType}/{cloudType} |
| Violation | GET rest/v1/{cloudType}/connectors |
GET rest/v1/{cloudType}/evaluations/{accountId} | |
GET rest/v1/{cloudType}/evaluations/{accountId}/resources/{controlId} | |
| Violation Definition | GET /rest/v1/controls/metadata/list |
Changelog
The Qualys Total Cloud connector has undergone the following changes:
Table 37: Qualys Total Cloud connector changelog
note
This connector is part of a bundled release with other connectors from the same vendor. If a version shows "No change", it means that the connector version was updated for consistency as part of the bundle, but no functional changes were made to this specific connector. You can update to or skip this version without affecting your existing configuration.
| Version | Description | Date Published |
|---|---|---|
| 5.3.30 | No change. | February 3rd, 2026 |
| 5.3.29 | No change. | January 26th, 2026 |
| 5.3.28 | No change. | December 26th, 2025 |
| 5.3.27 | No change. | November 25th, 2025 |
| 5.3.26 | No change. | November 19th, 2025 |
| 5.3.25 | No change. | October 30th, 2025 |
| 5.3.24 | No change. | September 9th, 2025 |
| 5.3.23 | No change. | August 15th, 2025 |
| 5.3.22 | No change. | August 5th, 2025 |
| 5.3.21 | No change. | August 5th, 2025 |
| 5.3.20 | - Added the INSTANCE_ID, PUBLIC_DNS_NAMES, and PUBLIC_IP_ADDRESSES attributes to the EC2 Instance object. - Added the DNS_NAMES and HOSTNAMES attributes to the SQL Server object. | July 11th, 2025 |
| 5.3.19 | Initial Integration+ release. | July 2nd, 2025 |