It's easy to schedule using GUI when the number of scan you want to schedule are hardly few, but what would you do if the numbers are exhaustive????
No Need to worry, just add details in CSC, use powershell and API and it will be done in few blinks.
Thanks to power of API and scripting (here powershell)
Below is the powershell code & Sample CSV entries that will be fetched
DCName AssetGrpName ID Scanner OptionProfile StartHour StartMin Duration Date
DC1 DD_DC1 123 scanner1 5858 3 0 36 8/9/2016
DC2 DD_DC2 456 scanner2 5858 2 30 36 8/9/2016
# Using Cookie.txt for storing cookie as input and output
param(
[Parameter(Mandatory=$true)][String]$username,
#End user must not be able to see the typed password, so protecting it
[Parameter(Mandatory=$true)][SecureString]$SecurePassword,
[Parameter(Mandatory=$false)][int]$ScanProfile=90348959
)
#Now we will convert back the securepassword input to the plain text as Qualys API works in that way
# Create a "password pointer"
$PasswordPointer = [Runtime.InteropServices.Marshal]::SecureStringToBSTR($SecurePassword)
# Get the plain text version of the password
$password = [Runtime.InteropServices.Marshal]::PtrToStringAuto($PasswordPointer)
# Free the pointer
[Runtime.InteropServices.Marshal]::ZeroFreeBSTR($PasswordPointer)
# Plain text password is in $password
remove-item alias:curl
[String]$counter='AUG'
#[String]$Cookie1= "$qualys_scan_schedule.cookies"
function login{
#login to qualys and dump the response cookie into Cookie1 which is pointing to .cookies
$Login ='curl -H "X-Requested-With: Curl Sample" -c "cookie.txt" -d "action=login&username=$username&password=$password" "https://qualysapi.qualys.eu/api/2.0/fo/session/"'
Invoke-Expression $Login
}
function list{
$filepath = "C:\Users\tarun.kumar1\Desktop\test3.csv"
$csv = Import-csv $filepath
foreach ($item in $csv)
{
$title=$($item.AssetGrpName)
$title=$title+$counter
$assetid=$($item.ID)
$scannername=$($item.Scanner)
$startdate=$($item.Date)
$starthour=$($item.StartHour)
$startmin=$($item.StartMin)
#echo $title,$assetid,$scannername,$startdate,$starthour,$startmin
$List='curl -H "X-Requested-With: curl" -b "cookie.txt" -X "POST" -d "scan_title=$title&active=1&option_id=90348959&target_from=assets&asset_group_ids=$assetid&iscanner_name=$scannername&occurrence=daily&frequency_days=1&start_date=$startdate&start_hour=$starthour&start_minute=$startmin&time_zone_code=ST&pause_after_hours=36&observe_dst=no&recurrence=1" "https://qualysapi.qualys.eu/api/2.0/fo/schedule/scan/?action=create"'
Invoke-Expression $List
}
}
function logout{
#Logout
curl -H "X-Requested-With: Curl Sample" -d "action=logout" -b "cookie.txt" "https://qualysapi.qualys.eu/api/2.0/fo/session/"
}
function Main{
login
list
logout
}
. Main
No Need to worry, just add details in CSC, use powershell and API and it will be done in few blinks.
Thanks to power of API and scripting (here powershell)
Below is the powershell code & Sample CSV entries that will be fetched
DCName AssetGrpName ID Scanner OptionProfile StartHour StartMin Duration Date
DC1 DD_DC1 123 scanner1 5858 3 0 36 8/9/2016
DC2 DD_DC2 456 scanner2 5858 2 30 36 8/9/2016
# Using Cookie.txt for storing cookie as input and output
param(
[Parameter(Mandatory=$true)][String]$username,
#End user must not be able to see the typed password, so protecting it
[Parameter(Mandatory=$true)][SecureString]$SecurePassword,
[Parameter(Mandatory=$false)][int]$ScanProfile=90348959
)
#Now we will convert back the securepassword input to the plain text as Qualys API works in that way
# Create a "password pointer"
$PasswordPointer = [Runtime.InteropServices.Marshal]::SecureStringToBSTR($SecurePassword)
# Get the plain text version of the password
$password = [Runtime.InteropServices.Marshal]::PtrToStringAuto($PasswordPointer)
# Free the pointer
[Runtime.InteropServices.Marshal]::ZeroFreeBSTR($PasswordPointer)
# Plain text password is in $password
remove-item alias:curl
[String]$counter='AUG'
#[String]$Cookie1= "$qualys_scan_schedule.cookies"
function login{
#login to qualys and dump the response cookie into Cookie1 which is pointing to .cookies
$Login ='curl -H "X-Requested-With: Curl Sample" -c "cookie.txt" -d "action=login&username=$username&password=$password" "https://qualysapi.qualys.eu/api/2.0/fo/session/"'
Invoke-Expression $Login
}
function list{
$filepath = "C:\Users\tarun.kumar1\Desktop\test3.csv"
$csv = Import-csv $filepath
foreach ($item in $csv)
{
$title=$($item.AssetGrpName)
$title=$title+$counter
$assetid=$($item.ID)
$scannername=$($item.Scanner)
$startdate=$($item.Date)
$starthour=$($item.StartHour)
$startmin=$($item.StartMin)
#echo $title,$assetid,$scannername,$startdate,$starthour,$startmin
$List='curl -H "X-Requested-With: curl" -b "cookie.txt" -X "POST" -d "scan_title=$title&active=1&option_id=90348959&target_from=assets&asset_group_ids=$assetid&iscanner_name=$scannername&occurrence=daily&frequency_days=1&start_date=$startdate&start_hour=$starthour&start_minute=$startmin&time_zone_code=ST&pause_after_hours=36&observe_dst=no&recurrence=1" "https://qualysapi.qualys.eu/api/2.0/fo/schedule/scan/?action=create"'
Invoke-Expression $List
}
}
function logout{
#Logout
curl -H "X-Requested-With: Curl Sample" -d "action=logout" -b "cookie.txt" "https://qualysapi.qualys.eu/api/2.0/fo/session/"
}
function Main{
login
list
logout
}
. Main