- Log in to the Qualys Dashboard
- Select the Scan option from the left side panel
- Select the “Manage Vulnerability Scan” option
- Click the New Scan option on the page
- Specify the following details for the scan
  - Title : Specify the title of the scan
  - Option Profile : Select the option profile [e.g. SSL Certificate; you can have your own custom option profile, details are given in the next section]
  - Network : Set the option, e.g. Global Default Network
  - Scanner Appliance : Select the scanner appliance you configured
  - IP Address / FQDN Details : Enter the details of the target host to be scanned.
- Run the newly created scan

How to configure Option Profile
- From the Scan page, go to the Option Profile tab
- Click New and select the Import from Library option. [You can select any option; for the purposes of our project I have selected this one]
- Select the Certificate option and click Import

Export Scan report in JSON Format
To export scan reports in JSON format, you can refer to this sample script which basically
#!/usr/bin/env bash
QUALYS_SERVER="https://qualysapi.server.com"
# Assumptions (not in the original script): the output directory name, and API
# credentials read from the environment so they are not hardcoded in the file.
OUT_DIR="./qualys_scans"
AUTH="${QUALYS_USER:?set QUALYS_USER}:${QUALYS_PASS:?set QUALYS_PASS}"
mkdir -p "$OUT_DIR"

echo "[+] Listing finished scans..."
# Step 1: List finished scans (XML)
SCAN_LIST=$(curl --location --user "$AUTH" "$QUALYS_SERVER/api/2.0/fo/scan/" \
  --header 'X-Requested-With: Curl' \
  --header 'Content-Type: application/x-www-form-urlencoded' \
  --data-urlencode 'action=list')

# Step 2: Extract scan references
SCAN_REFS=$(echo "$SCAN_LIST" | xmllint --xpath "//SCAN[STATUS/STATE='Finished']/REF/text()" - 2>/dev/null | \
  sed 's/ref="\([^"]*\)"/\1\n/g')
if [ -z "$SCAN_REFS" ]; then
  echo "[-] No scans found"
  exit 0
fi

# Step 3: Fetch each scan in JSON
for REF in $SCAN_REFS; do
  # REF contains a "/" (scan/<id>); replace it so the value is usable as a file name
  SAFE_REF=$(echo "$REF" | tr '/' '_')
  echo "[+] Exporting scan $REF ..."
  curl --location --user "$AUTH" "$QUALYS_SERVER/api/2.0/fo/scan/" \
    --header 'X-Requested-With: Curl' \
    --header 'Content-Type: application/x-www-form-urlencoded' \
    --data-urlencode 'action=fetch' \
    --data-urlencode 'output_format=json_extended' \
    --data-urlencode "scan_ref=$REF" \
    -o "$OUT_DIR/scan_${SAFE_REF}.json"
done
echo "Export complete. Files stored in $OUT_DIR/"
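
Step 2 can also be done with a real XML parser, so the result does not depend on how xmllint separates multiple text nodes and each reference is validated before it becomes part of a file name. The following is an added example, not part of the original script; the sample XML is constructed, and the `scan/<digits>.<digits>` reference format and the function names are assumptions.

```python
import re
import xml.etree.ElementTree as ET

# Constructed sample of a scan-list response. Only the elements used by the
# script's XPath (SCAN, REF, STATUS/STATE) are assumed to exist.
SAMPLE_XML = """<SCAN_LIST_OUTPUT><RESPONSE><SCAN_LIST>
  <SCAN><REF>scan/1700000001.11111</REF><STATUS><STATE>Finished</STATE></STATUS></SCAN>
  <SCAN><REF>scan/1700000002.22222</REF><STATUS><STATE>Running</STATE></STATUS></SCAN>
  <SCAN><REF>scan/1700000003.33333</REF><STATUS><STATE>Finished</STATE></STATUS></SCAN>
  <SCAN><REF>scan/../unexpected</REF><STATUS><STATE>Finished</STATE></STATUS></SCAN>
</SCAN_LIST></RESPONSE></SCAN_LIST_OUTPUT>"""

# Assumed reference format: "scan/" followed by digits, a dot, and digits.
REF_PATTERN = re.compile(r"scan/\d+\.\d+")


def finished_scan_refs(xml_text):
    """Return (accepted, rejected) REF values of scans whose state is Finished."""
    accepted, rejected = [], []
    for scan in ET.fromstring(xml_text).iter("SCAN"):
        state = (scan.findtext("STATUS/STATE") or "").strip()
        ref = (scan.findtext("REF") or "").strip()
        if state != "Finished":
            continue
        # Anything that is not a well-formed reference is never used in a path.
        (accepted if REF_PATTERN.fullmatch(ref) else rejected).append(ref)
    return accepted, rejected


def output_name(ref):
    """File name for one exported scan, matching scan_${SAFE_REF}.json."""
    if not REF_PATTERN.fullmatch(ref):
        raise ValueError(f"unexpected scan reference: {ref!r}")
    return "scan_" + ref.replace("/", "_") + ".json"


if __name__ == "__main__":
    ok, bad = finished_scan_refs(SAMPLE_XML)
    for ref in ok:
        print(ref, "->", output_name(ref))
    for ref in bad:
        print("skipped malformed reference:", repr(ref))
```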