has anybody used tag_exclude_selector parameter in Qualys integration with ServiceNow

Abhijeet Dutt
Tera Guru

‎04-19-2022 08:11 AM

Hello All,

We have a requirement where in we do not want certain CI record to be created in Configuration Compliance and Vulnerability Response.

We are thinking to make the filteration at API level.

I read and found out that we can use tag_exclude_selector parameter to exclude the CI's with a certain tag attached to them in Qualys.

lets say the tag on Qualys is :  ABC

I want to understand how to write the parameter in the rest message :

find_real_file.png

Preview file
8 KB
0 Helpfuls
  • 3,108 Views
17 REPLIES 17

chrismcdevi
ServiceNow Employee
In response to Voona Rohila

‎05-05-2022 06:30 AM

I'm wondering if you need to add:

use_tags parameter when using the tag_exclude_selector

 

https://www.qualys.com/docs/qualys-api-vmpc-user-guide.pdf

page 469

Voona Rohila
Tera Patron
In response to chrismcdevi

‎05-06-2022 05:57 AM

I did this and now it's also asking for tag_set_include value

 

find_real_file.png


Mark it helpful if this helps you to understand. Accept solution if this give you the answer you're looking for
Kind Regards,
Rohila V
5x ServiceNow MVP
Preview file
14 KB
0 Helpfuls

cmcclendon
Mega Guru
In response to Voona Rohila

‎05-06-2022 05:58 AM

Hi @Rohila Voona / @Chris McDevitt. This is another weird anomaly with the Qualys API. With a tag_set_exclude, you must also have a corresponding tag_set_include. I had to find a tag that is present in all hosts to satisfy this requirement. If you cant find one tag in all hosts, you will have to use the ANY condition and include several tag IDs.

Example

tag_include_selector: any

tag_set_include: 1111111,222222, 333333

tag_exclude_selector: all

tag_set_exclude: 123456,234567,345678

 

Qualys does mention this in the very fine print...

-Chris M

Voona Rohila
Tera Patron
In response to cmcclendon

‎05-09-2022 05:09 AM

Hi @cmcclendon 

Thank You for the info

 

So there is no other way around right? I have around 700 tags and I want to exclude only two tags, I need to either find list of all common tags or ask qualys team to give a common tag for all the assets.


Mark it helpful if this helps you to understand. Accept solution if this give you the answer you're looking for
Kind Regards,
Rohila V
5x ServiceNow MVP
0 Helpfuls

Vinita Nair1
Kilo Explorer
In response to Voona Rohila

‎05-23-2022 08:58 AM

Hi Rohila,

Did you find a way out? What worked? 

0 Helpfuls