has anybody used tag_exclude_selector parameter in Qualys integration with ServiceNow

Abhijeet Dutt · ‎04-19-2022

Hello All,

We have a requirement where in we do not want certain CI record to be created in Configuration Compliance and Vulnerability Response.

We are thinking to make the filteration at API level.

I read and found out that we can use tag_exclude_selector parameter to exclude the CI's with a certain tag attached to them in Qualys.

lets say the tag on Qualys is : ABC

I want to understand how to write the parameter in the rest message :

chrismcdevi · ‎04-20-2022

@cmcclendon

I did not know that! That was not 100% clear when I was parsing through the API.

So then, we would use them as two separate parameters... I see.

cmcclendon · ‎04-20-2022

I agree, the massive API doc is unclear at times.

-Chris

Abhijeet Dutt · ‎04-20-2022

just to understand this , lets say I have put ABC as the tag on few assets in Qualys,

so in servicenow rest message parameters i should go

tag_exclude_selector : any

tag_set_exclude : ABC

or

tag_exclude_selector : ABC

cmcclendon · ‎04-20-2022

This is correct:

tag_exclude_selector : any

tag_set_exclude : ABC <--- should be a number (see above)

Lessons learned: Qualys admins can change the name of a host tag but not the ID. I recommend using the host tag ID in your parameters.

-Chris

Voona Rohila · ‎05-05-2022

Hi @cmcclendon / @Chris McDevitt

I tried this to exclude few assets with specific tags and I am getting Below response from qualys

The integration is running succesfully before adding these parameters - The data is coming good.

I verified in qualys that the assets have the tags I specified.

Does the user that is trying to access these does not have permit to those parameters?

Mark it helpful if this helps you to understand. Accept solution if this give you the answer you're looking for
Kind Regards,
Rohila V
5x ServiceNow MVP