What is Qualys Global IT?
Qualys Global IT (now called Global AssetView) uses a combination of Qualys sensors (agents, scanners, and passive network sensors) to discover assets ibn your environment and collect inventory information.
For more information about Qualys and Lucidum, see https://lucidum.io/qualys/.
Why Should You Use the Qualys Global IT Connector?
The Qualys Global IT connector provides visibility into all the assets in your environment. You can use this visibility to:
ensure assets are managed per your security policies
find vulnerabilities quickly and remediate
How Does This Connector Work?
Lucidum executes read-only requests to the Qualys Global IT API and ingests only meta-data about Qualys Global IT assets. Lucidum does not retrieve any data stored on your assets.
Configuring the Connector in Lucidum
The hostname of to access the Qualys API. Note that the host might have different hostnames in different regions (for complete Qualys API URLs, refer to https://www.qualys.com/platform-identification/ ). For example,
User name for an account that has the Required Permissions to fetch assets.
Password for the user account.
Version of the Qualys API that you are using
Creating a User Account
You must create a user account with API access. Lucidum will use this user account to access Qualys.
From Qualys Administration utility, go to Users > User Management > Create User.
After creating the user account, click the user account and select Actions > Edit. Then go to Roles and Scopes and select the Allow user full permissions and scope checkbox.
To enable user access to the API:
From Qualys Administration utility, click the user button next to the Logout -> User Profile.
The Edit User screen opens. Click User Role -> select the API checkbox to enable API Access.
The value supplied in User Name must be associated with one of the following user roles and with the following permissions:
Manager role with full scope.
Reader role with full scope.
Non-manager role with the following permissions:
Access Permission "API Access".
Asset Management Permission "Read Asset".
Requested asset in their scope.