- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-10-2023 12:51 PM
Hi,
We are in the process of integrating Qualys Policy Compliance with Configuration Compliance. We currently do have an integration successfully working for several years for Vulnerability Response. We are on the Utah version (soon going to Vancouver).
Is there a way to specifically choose which Qualys policies you want to integrate/ingest into ServiceNow Config Compliance? We have a total of 11 active policies and only wish to integrate 8 policies at this point. In addition, as we test this out, we would maybe like to integrate just one policy to start with into our DEV environment and 'work out the kinks' before we integrate the additional 7 policies.
Thanks in advance.
Kevin
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-15-2023 09:33 AM
Kevin,
That link by itself doesn't really go into the detail of what to change or how to accomplish it to then limit which Policies get pulled from Qualys. However match that along with the Qualys API user guides, you can find this:
ids={value} (Optional) Show only certain policy IDs and/or ID ranges. One or
more policy IDs/ranges may be specified. Multiple entries are
comma separated. A policy ID range entry is specified with a
hyphen (for example, 160-165). Valid policy IDs are required.
That is an additional input parameter that you can add to the HTTP REST message that gets passed along and should limit you down on what will come across. For me, I have enough technical debt on customizations without doing that too, and once set would mean I have to always be in communication with the PC team that is configuring Policies on Qualys to know when they have another new one that would need to be then added to this list for import. But that sure does enable you to only go after specific ID's when the integration runs.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-13-2023 07:36 AM
hi Kevin,
Seems you have answered in the question itself . We have done same kind of action as to fix "qualys job not being pulling record". So we ended up configuring Qualys in sub prod .But some client wont let it to test with compliance record as compliance records in sub prod was not advisable for them. But we used the same user id ,but enabling one job at a time.
Regards,
Luxo
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-13-2023 09:18 AM
Hi Luxo,
Thank you for the response. However I don't think you answered my question "Is there a way to specifically choose which Qualys policies you want to integrate/ingest into ServiceNow Config Compliance?"
Kevin
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-13-2023 08:38 AM
Yes, I know you can do this. We do this all the time. Our Dev team will set up the Policy in SecOps CC matching the Policy ID to what is in Qualys and then bring in the policy first in our lower environments and then in PROD after we test. We rollout policies when the CMDB classes are ready.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-13-2023 09:32 AM
Excellent! This is what I am looking for! Do you have some documentation on how to do this? I cannot find anything related to how to do this on ServiceNow's site.
