SOLVED

Qualys vulnerability report

%3CLINGO-SUB%20id%3D%22lingo-sub-2563170%22%20slang%3D%22en-US%22%3EQualys%20vulnerability%20report%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2563170%22%20slang%3D%22en-US%22%3E%3CP%3EHello%20everyone%2C%20everything%20good%3F%20Does%20anyone%20happen%20to%20tell%20me%20how%20often%20by%20default%20qualys%20generates%20the%20vulnerability%20report%3F%20I%20updated%20some%20machines%20on%20the%2018th%20and%20when%20checking%20the%20status%20I%20noticed%20that%20the%20last%20vulnerability%20report%20is%20from%20the%2017th.%20Is%20there%20a%20way%20to%20force%20the%20generation%20or%20change%20the%20interval%20if%20I%20want%3F%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-2563170%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3Equalys%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2564647%22%20slang%3D%22en-US%22%3ERe%3A%20Qualys%20vulnerability%20report%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2564647%22%20slang%3D%22en-US%22%3EHello%2C%3CBR%20%2F%3E%3CBR%20%2F%3ENormally%2C%20scans%20will%20run%20at%20four-hour%20intervals.%20To%20my%20knowledge%2C%20the%20scanning%20interval%20is%20not%20configurable.%3CBR%20%2F%3EYou%20can%20trigger%20an%20on-demand%20scan%20from%20the%20machine%20itself%2C%20using%20either%20scripts%2C%20either%20GPO%3CBR%20%2F%3EThe%20following%20commands%20trigger%20an%20on-demand%20scan%3A%3CBR%20%2F%3E%3CBR%20%2F%3EWindows%20machines%3A%20REG%20ADD%20HKLM%5CSOFTWARE%5CQualys%5CQualysAgent%5CScanOnDemand%5CVulnerability%20%2Fv%20%22ScanOnDemand%22%20%2Ft%20REG_DWORD%20%2Fd%20%221%22%20%2Ff%3CBR%20%2F%3E%3CBR%20%2F%3ELinux%20machines%3A%20sudo%20%2Fusr%2Flocal%2Fqualys%2Fcloud-agent%2Fbin%2Fcloudagentctl.sh%20action%3Ddemand%20type%3Dvm%3CBR%20%2F%3E%3CBR%20%2F%3EYou%20could%20therefore%20script%20the%20on-demand%20scan%20to%20run%20based%20on%20your%20needs.%3CBR%20%2F%3E%3CBR%20%2F%3Ethank%20you%3C%2FLINGO-BODY%3E
Occasional Contributor

Hello everyone, everything good? Does anyone happen to tell me how often by default qualys generates the vulnerability report? I updated some machines on the 18th and when checking the status I noticed that the last vulnerability report is from the 17th. Is there a way to force the generation or change the interval if I want?

1 Reply
best response confirmed by mlcaffaro (Occasional Contributor)
Solution
Hello,

Normally, scans will run at four-hour intervals. To my knowledge, the scanning interval is not configurable.
You can trigger an on-demand scan from the machine itself, using either scripts, either GPO
The following commands trigger an on-demand scan:

Windows machines: REG ADD HKLM\SOFTWARE\Qualys\QualysAgent\ScanOnDemand\Vulnerability /v "ScanOnDemand" /t REG_DWORD /d "1" /f

Linux machines: sudo /usr/local/qualys/cloud-agent/bin/cloudagentctl.sh action=demand type=vm

You could therefore script the on-demand scan to run based on your needs.

thank you