How do I run a report in Qualys?

Summary

How to create and run a vulnerability report in Qualys

Body

Overview

This article gives detailed steps to create and run a vulnerability report in Qualys.

How to Run a Qualys Report

Open Qualys and go to the Reports section at the top of the page and then choose the Reports tab.

showing Reports tab in qualys screen

From here, click on the drop-down box that says New, then go to Scan Report and choose Template Based.

showing reports drop-down highlighting scan report

Now a new window will pop up titled Report Details. Here you will choose the title of your report and then pick a template and format. There are already several Templates built into the selection, including the Severity 4 and 5 Confirmed report which only shows high-level confirmed vulnerabilities, and the Technical Report which shows all details on vulnerabilities.

Format allows you to choose the output of the report file. PDF is the preferred way to view Qualys reports, though CSV files make for easy exporting of data.

example report details screen

The next part of the window, "Report Source" asks you to choose the source for your report. You can pick Asset Groups, specify certain IP ranges, or add certain asset management tags. For example, I want a report from the Asset Group “AG-ACER” and have chosen the tag “Cloud Agent” so I will get a report on all parts of the AG-ACER group that have the cloud agent installed.

report source section of report scan screen

Lastly, you have the Scheduling section, where you can set up a date and time for this report to run, and you can repeat it every certain number of days, weeks, or months. You can also choose if a notification will go out when the report is finished here.

Once this has all been selected, click Run at the bottom of the screen to begin your report running. It will begin, and you can either look at the new window or on the Reports screen in Qualys to get its status. First, it will process and then it will run, and finally, it will be complete. Once complete highlight the report and click on the arrow that appears to the left of the report title. This is the Quick Actions table and will allow you to download the report by clicking “download”.

reports screen highlighting quick actions drop-down

Once the download has completed, you have your report.

Details

Details

Article ID: 1697
Created
Tue 1/26/21 9:56 PM
Modified
Tue 6/4/24 2:22 PM

Related Articles

Related Articles (6)

A step by step guide for creating, running, and scheduling vulnerability scans in Qualys
UIC's Asset tagging naming convention for use in Qualys.
How to use Qualys Cloud Agent's features and a guide to what the Cloud Agent can do.
Qualys’s Global IT Asset Inventory is a system built into Qualys that allows you view and organize all the assets in a unit.
A summary of what is the UIC Qualys Threat Protection module how to use it.
An overview of Qualys a network vulnerability scanner

Related Services / Offerings

Related Services / Offerings (1)

Qualys is a cloud-based vulnerability scanner and threat detector which comes with the ability to run IP based targeted scans or install a lightweight agent on endpoints for continuous monitoring. Qualys not only discovers threats and vulnerabilities but offers known effective ways to solve these threats.