Qualys Guard

Qualys Guard is a vulnerability management tool that scans systems and environments to identify vulnerabilities. The Network Probe can connect to the Qualys Guard API to retrieve vulnerability scan results and forward them to the Data Node index. Collected data can be analyzed using the [Vulnerability] Overview Qualys dashboard.

Configuration

Enable the pipeline in the Network Probe configuration:

Edit /etc/logserver-probe/pipelines.yml and uncomment the following lines:
```
- pipeline.id: qualys
  path.config: "/etc/logserver-probe/conf.d/qualys/*.conf"
```
Configure the connection to the Qualys Guard manager:

Edit /etc/logserver-probe/conf.d/qualys/venv/main.py and set the following parameters:
- NETWORK_PROBE_ADDR — IP address and port of the Network Probe
- hostname — IP address and port of the Qualys Guard manager
- username — user with access to the Qualys Guard manager
- password — password for the Qualys Guard manager user
Example:
```
NETWORK_PROBE_ADDR = ('127.0.0.1', 10001)

# connection settings
conn = qualysapi.connect(
    username="admin",
    password="password",
    hostname="qualysguard.qg2.apps.qualys.eu"
)
```