Hi Pinaki,
Here is the link to the Qualys API documentation.
https://www.qualys.com/docs/qualys-api-vmpc-user-guide.pdf
The query parameters you could use for exclusion is explained on page 698. (It is a huge document :))
The most feasible way to do is to use tags.
1- Tag the IP addresses and DNS names in Qualys.
2- Use the query parameter tag_set_by={id|name} set name or id in this field.
3- Use tag_set_exclude query parameter to provide the id or name of the tag you created on Qualys to tag the excluded assets.
4- Monitor your REST calls in Outbound HTTP Requests and see everything works as expected.
Please mark it as helpful if it is!
Fatih.
Hi Fait,
Thank you for the response
We checked and received below response
"<!DOCTYPE SIMPLE_RETURN SYSTEM "https://qualysapi.qualys.com/api/2.0/simple_return.dtd">
<SIMPLE_RETURN>
<RESPONSE>
<DATETIME>2022-04-29T14:35:43Z</DATETIME>
<CODE>1903</CODE>
<TEXT>Missing required parameter(s): (tag_set_exclude requires tag_set_include)</TEXT>
</RESPONSE>
</SIMPLE_RETURN>
"
PFB screenshot of output of test run.
Thanks & Regards,
Pinaki Saha
The Qualys integration for ServiceNow relies on the Asset API - Host List Detection api. There are parameters that support filtering by IP as follows:
For DNS you could use tags as described by Faith or Asset Groups which allow you to include the systems you want:
Asset Groups are nice in that they are scalable.
Another option is Search Lists:
All of these parameters can be set within the REST message for the Host Detection integration in SN.
