- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-05-2019 06:04 PM
I have integrated Qualys with ServiceNow and it started created items and groups with Qualys Ids (QIDs). The issue with these QIDs is that Threat and Solution fields are coming as blank. There must be some information about this third party vulnerability.
What do you think? Is Qualys sending a blank info or I am missing something?
Solved! Go to Solution.

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-07-2019 03:27 PM
Yes, this is a Qualys issue. This is common.
1. Double check that your user account has API Access
Qualys > User Profile > User Role (Make sure API is checked)
2. Qualys support can turn on the API for you to access if you are entitled.

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-05-2019 07:53 PM
Hey Swathi,
Agree - it appears that something is not right here.
Out of curiosity, do you recall if if you ran the 'Qualys Knowledge Base' integration job, before executing the 'Qualys Host Detection Integration'.
The first time you run the 'Qualys Knowledge Base' job - it does take some time to populate the 'Third-Party Entry' table.
I wonder if by chance the 'Qualys Host Detection Job' got executed without the 'Qualys Knowledge Base' job finishing.
- Are you on London?
- Are your Qualys Integration jobs configured with the 'Run as' User set to "VR.System"? You can check by going to Qualys Vulnerability Integration -> Administration -> Primary Integrations ... then personalizing the columns to include "Run as"..
- If you navigate to Qualys Vulnerability Integration -> Administration -> Primary Integrations -> Qualys Knowledge Base -> Scroll down and look at the "Vulnerability Integration Runs" section / tab ... What do you see there? Are there any records that show State = Complete?
- If you navigate to Vulnerability -> Libraries -> Third-Party ... How many QID records are present? Do any of these QID records have a value in Threat or Solution?
- What happens if you execute the 'Qualys Knowledge Base (Backfill)' integration job via Qualys Vulnerability Integration -> Administration -> Primary Integrations -> Qualys Knowledge Base (Backfill) - do you see QID entries being populated with Summary, Threat, Solution, etc? - after this is finished running?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-05-2019 08:31 PM
Run as is VR.System, I don't remember is I ran host detection without knowledge. I have rerun the Knowledge Base and Backfill and I see New Item = 0 and Updated Item = 0
Any thoughts? How can I get the data?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-05-2019 08:48 PM
I remember, Knowledge Base job is executed first and then host because in the Setup Assistance - Knowledge will be imported first and then host detection.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-06-2019 06:36 AM
Isn't there a way to get the data?