Qualys Cloud Agent Getting Started Guide

Verity Confidential

Cloud Agent

Getting Started Guide

July 04, 2024

Qualys and the Qualys logo are registered trademarks of Qualys, Inc. All other trademarks

are the property of their respective owners.

Qualys, Inc.

919 E Hillsdale Blvd

4th Floor

Foster City, CA 94404

1 (650) 801 6100

Verity Confidential

Table of Contents

About this Guide ...............................................................................................4

About Qualys ........................................................................................................................... 4

Qualys Support ........................................................................................................................ 4

Get Started ......................................................................................................... 5

Overview ................................................................................................................................... 5

What do I need to know? ........................................................................................................5

Cloud Agent Platform Availability Matrix ............................................................................ 7

It’s easy to install agents ........................................................................................................ 8

Installing agents in AWS ...................................................................................................... 12

We’re syncing asset data to the cloud! ............................................................................... 12

Continuous scanning in the cloud ....................................................................................... 13

Cloud Agent Cloud Provider Metadata ................................................................................ 14

Manage Your Agents.......................................................................................21

A quick look at your agents .................................................................................................. 21

Tell me about agent status ................................................................................................... 22

Easily view current Asset Details ......................................................................................... 24

Take bulk actions on agents ................................................................................................. 25

Change configuration ............................................................................................................ 25

Tagging agent hosts .............................................................................................................. 26

Looking for agent files? ......................................................................................................... 28

About this Guide

About Qualys

About this Guide

Thank you for your interest in our revolutionary new Qualys Cloud Agent Platform. This

new platform extends the Qualys Cloud Platform to continuously assess global IT

infrastructure and applications using lightweight agents. All you have to do is install

agents on your IT assets. We’ll help you get started quickly!

About Qualys

Qualys, Inc. (NASDAQ: QLYS) is a pioneer and leading provider of cloud-based security and

compliance solutions. The Qualys Cloud Platform and its integrated apps help businesses

simplify security operations and lower the cost of compliance by delivering critical

security intelligence on demand and automating the full spectrum of auditing,

compliance and protection for IT systems and web applications.

Founded in 1999, Qualys has established strategic partnerships with leading managed

service providers and consulting organizations including Accenture, BT, Cognizant

Technology Solutions, Deutsche Telekom, Fujitsu, HCL, HP Enterprise, IBM, Infosys, NTT,

Optiv, SecureWorks, Tata Communications, Verizon and Wipro. The company is also a

founding member of the Cloud Security Alliance (CSA). For more information, please visit

www.qualys.com

Qualys Support

Qualys is committed to providing you with the most thorough support. Through online

documentation, telephone help, and direct email support, Qualys ensures that your

questions will be answered in the fastest time possible. We support you 7 days a week,

24 hours a day. Access support information at www.qualys.com/support/

Get Started

Overview

Get Started

With Qualys Cloud Agent you’ll get continuous network security updates through the

cloud. As soon as changes are discovered on your hosts they’ll be assessed and you’ll

know about new security threats right away. All you have to do is install lightweight

agents on your hosts - we’ll help you do this quickly!

Overview

Install lightweight agents in minutes on your IT assets. These can be installed on your

on-premise systems, dynamic cloud environments and mobile endpoints. Agents are

centrally managed by the cloud agent platform and are self-updating (no reboot needed).

Scanning in the Cloud We’ll start syncing asset data to the cloud agent platform once

agents are installed. Agents continuously collect metadata, beam it to the cloud agent

platform where full assessments occur right away. Since the heavy lifting is done in the

cloud the agent needs minimal footprint and processing on target systems.

Stay updated with network security Scanning in the cloud uses the same signatures

(vulnerabilities, compliance datapoints) as traditional scanning with Qualys scanners.

You’ll get informed right away about new security threats using your Qualys Cloud

Platform applications - Vulnerability Management (VM), Policy Compliance (PC),

Continuous Monitoring (CM), AssetView (AV) and more!

What do I need to know?

Here’s a few things to know before you install agents on hosts within your network.

Get informed quickly about Qualys Cloud Agent (CA).

Video Tutorials

Cloud Agent Platform Introduction (2m 10 s)

Getting Started Tutorial (6m 34s)

Get Started

What do I need to know?

Cloud Agent requirements

- We support these systems: Windows, Linux/Unix (.rpm), Linux (.deb), BSD(.txz),

Apple Mac OSX (.pkg)

Cloud Agent Platform Availability Matrix

- Your hosts must be able to reach your Qualys Cloud Platform (or the Qualys Private

Cloud Platform) over HTTPS port 443. Go to Help > About to see the URL your hosts need to

access.

- To install Windows Agent you must have local administrator privileges on your hosts.

Proxy configuration is supported

- To install Linux Agent, BSD Agent, Unix Agent, MacOS Agent you must have root

privileges, non-root with Sudo root delegation, or non-root with sufficient privileges (VM

scan only). Proxy configuration is supported.

Steps to install agents

- Create an activation key. This provides a way to group agents and bind them to your

account.

- Download the agent installer to your local machine.

- Run the installer on each host from an elevated command prompt, or use group policy or

a systems management tool.

- Activate agents for modules in your subscription (VM, PC, FIM, EDR, PM, and so on). A

license will be consumed for each agent activated.

Note: For Patch Management, this activates Cloud Agent only for patch detection. For

patch deployment, a separate license must be assigned to the agents from the Patch

Management application.

Our Quick Start Guide helps you get started

Check out our Quick Start Guide (you can go to user name menu and select this option).

On the left you’ll see step by step instructions with links to the right places to take actions.

On the right you’ll find links to video tutorials.

Qualys URL your hosts need to access

The Qualys URL you use depends on the Qualys platform where your account is located.

Refer https://www.qualys.com/platform-identification/

Get Started

Cloud Agent Platform Availability Matrix

Tip - You can click Cloud Agent Overview to get helpful information on requirements,

proxy support and more.

Looking for training? You might want to check out these options.

Cloud Agent Platform Availability Matrix

For the most current list of supported cloud agents with versions and modules on the

Qualys Cloud Platform, please refer to the following article:

Cloud Agent Platform Availability Matrix

Free Training

Take a free CA self paced class

CA video library

Get Started

It’s easy to install agents

It just takes a couple minutes to install an agent. Our wizard will help you do it quickly!

Help me with the steps

Start the wizard Choose Agent Management and select Manage Activation Keys (or go to

the Activation Keys tab).

Select New Key to create a new activation key. An activation key is used to install agents.

Already have a key? Just select a key from the list, and select Install Agent from the Quick

Actions menu.

The activate key

provides a way

to group agents

and bind them

to your account.

For example,

you can create

different keys

for various

business

functions and

Get Started

It’s easy to install agents

Generate a new activation key Click the Generate button.

Give your key a

meaningful

name to easily

identify it later.

Why add tags?

This helps you

manage agents

- we’ll associate

tags to agent

hosts.

Your key is

unlimited by

default - install

any number of

agents at any

time.

Set limits if you

want the key to

expire after a

number of

agents, or on a

certain date, or

both.

Auto activate

agents for apps

in your account.

Skip this step to

activate agents

at a later time.

Get Started

It’s easy to install agents

Review requirements and click Install Instructions for the target agent host.

Install your agents You’ll download the agent installer and run on your hosts. To run the

installer you just copy and paste the command shown - it’s that simple.

Depending on the OS type, you’ll download respective agent installer and install the agent

from Install Instructions.

Few examples:

For Linux (.rpm) ARM64, you’ll click Download .rpm button to download the agent

installer.

For Linux (.deb) ARM64, you’ll click Download .deb button to download the agent installer.

For MacOS (.pkg) x64, you’ll click Download .pkg button to download the agent installer.

Setup proxy support Our installation guides help you with this and more options.

Installation Guides: Windows Agent | Linux Agent | BSD Agent | Unix Agent | MacOS Agent

Don’t see all of

the options?

Just go to Help >

Contact

Support and

we’ll help you

with this

quickly

Get Started

It’s easy to install agents

Upgrade your agents

You can choose to upgrade the Cloud agent automatically or manually.

Upgrade the agent automatically

Upgrade your cloud agents to the latest version automatically. To enable automatic

upgrade of the agents, clear the Prevent auto updating of the agent binaries check box

within the Cloud Agent module of your Configuration Profiles.

Upgrade the agent manually

Upgrade your cloud agents to the latest version manually.

See instructions for upgrading cloud agents in the following installation guides: Windows |

Linux | AIX/Unix | MacOS | BSD

Deploy Cloud Agent using third-party tools

Qualys Cloud Agents can be deployed via third-party deployment tools. For details, refer to

the following resources:

- Deploy Qualys Cloud Agent for Windows using Group Policy

- Deploy Qualys Windows Cloud Agent with Configuration Manager

Get Started

Installing agents in AWS

Please follow the installation steps provided at the link below.

We’re syncing asset data to the cloud!

The agent immediately connects to the cloud agent platform and registers itself. We

would expect you to see your first asset discovery results within a few minutes. This is a

light scan that collects asset inventory data: IP address, OS, DNS/NetBIOS names, MAC

address.

Status messages are continuously updated. Learn more

Be sure to Activate Agents for modules (VM/PC) or (FIM/EDR/PM/SA). Activate Agent from

the Quick Actions menu (or do it for many agents in bulk using the Actions menu). If you

skip this step your agents will sync inventory information only (IP address, OS, DNS and

NetBIOS names, MAC address) and the cloud agent platform will not perform host

assessments and report security threats.

No agent status? You should see the status of your agent (on the Agents tab) a few

minutes after installation. If there’s no status this means your agent has not been

installed - it did not successfully connect to the cloud platform and register itself.

There are 2 common reasons for this:

1) The agent host cannot reach the Qualys Cloud Platform (or the Qualys Private Cloud

Platform if this applies to you) over HTTPS port 443. Check network access and be sure to

allow the platform URL listed in your account. Just go to Help > About for details.

Learn more

Installing Cloud Agent in AWS

Get Started

Continuous scanning in the cloud

2) You have a custom proxy. Our Quick Start Guide > Cloud Agent Overview will help you

with this quickly.

Still need help? Keep in mind your agents must connect to the cloud platform to start

syncing asset data to the cloud. Read our troubleshooting tips (under Help > Online Help).

Continuous scanning in the cloud

The first assessment scan in the cloud takes some time, after that scans complete as soon

as new host metadata is uploaded to the platform.

How it works The agent sends up an upload of the baseline snapshot to the cloud agent

platform for assessment. For the initial upload the agent collects comprehensive

metadata about the target host (a few megabytes) and sends a baseline snapshot to the

cloud for assessment. The status Scan Complete is reported upon success. This first scan

typically takes 30 minutes to 2 hours using the default configuration - after that scans run

instantly on the delta uploads (a few kilobytes each).

The asset data the agent collects includes many things for the baseline snapshot like

network posture, OS, open ports, installed software, registry info, what patches are

installed, environment variables, and metadata associated with files. The agent stores a

snapshot on the agent host to quickly determine deltas to host metadata it collects.

What signatures are tested? Agent-based scanning uses the same signatures

(vulnerabilities, compliance datapoints) as traditional scanning with Qualys scanners. If

you’ve activated your agents for VM, we’ll test for vulnerability signatures. If you’ve

activated your agents for PC we’ll check for compliance datapoints.

Get Started

Cloud Agent Cloud Provider Metadata

Available starting with Cloud Agent Linux 1.7.0 and Cloud Agent Windows 1.6.0 releases,

the Qualys Cloud Agent collects instance metadata from supported public cloud

providers, including Amazon Web Services, Microsoft Azure, and Google Compute

Platform.

The agent collects the instance metadata from the cloud provider's instance metadata

web services locally available from each running instance via HTTP as part of the agent's

default inventory collection. The collected instance metadata is available in the Qualys

AssetView module (Asset Details and new search tokens) and Asset Management API.

The following table presents the URLs that the Cloud Agent for Windows and Linux uses

to fetch Cloud metadata using cloud APIs:

Cloud Provider Windows Linux

AWS http://169.254.169.254/latest/

meta-data/instance-id

http://169.254.169.254/latest/

Azure http://169.254.169.254/metadat

a/instance/compute?api-

version=2017-08-01

http://169.254.169.254/metadat

GCP http://metadata.google.internal

/computeMetadata/v1/instance

/id

http://metadata.google.internal

/computeMetadata/v1/

IBM https://api.service.softlayer.co

m/rest/v3/SoftLayer_Resource_

Metadata/getId

https://api.service.softlayer.co

m/rest/v3/

OCI http://169.254.169.254/opc/v2/i

nstance/id

http://169.254.169.254/opc/v1/i

nstance/id

http://169.254.169.254/opc/v2/

ALIBABA http://100.100.100.200/latest/m

eta-data/instance-id

http://100.100.100.200/latest/

Get Started

Cloud Agent Cloud Provider Metadata

Cloud Provider Instance Metadata

The following table lists the instance metadata currently collected by the Cloud Agent for

each cloud provider. Refer to the Cloud Agent Release Notes for additional instance

metadata collected from public cloud providers in future versions of the Cloud Agent.

For AWS

Cloud Agent Windows Cloud Agent Linux

accountId

ami-id

availability-zone

instance-id

instance-type

kernel-id

local-hostname

local-ipv4

network/interfaces/macs/mac/mac

network/interfaces/macs/mac/subnet-id

public-hostname

public-ipv4

region

reservation-id

security-groups

security-groups-ids

vpc-id

asset.aws.ec2.availabilityZone

asset.aws.ec2.accountId

asset.aws.ec2.region

asset.aws.ec2.VPCId

asset.aws.ec2.publicIpAddress

asset.aws.ec2.document

asset.aws.ec2.macAddress-find

asset.aws.ec2.instanceId

asset.aws.ec2.kernelId

asset.aws.ec2.macAddress

asset.aws.ec2.hostnamePublic

asset.aws.ec2.subnetId

asset.aws.ec2.securityGroups

asset.aws.ec2.reservationId

asset.aws.ec2.instanceType

asset.aws.ec2.securityGroupIds

asset.aws.ec2.privateIpAddress

asset.aws.ec2.amiId

asset.aws.ec2.hostname

asset.aws.ec2.tags

accountId

ami-id

availability-zone

instance-id

instance-type

kernel-id

local-hostname

local-ipv4

network/interfaces/macs/mac/mac

network/interfaces/macs/mac/subnet-id

public-hostname

public-ipv4

region

reservation-id

security-groups

security-groups-ids

created date

state

vpc-id

asset.aws.ec2.instanceId

asset.aws.ec2.instanceType

asset.aws.ec2.privateIpAddress

asset.aws.ec2.region

asset.aws.ec2.kernelId

asset.aws.ec2.availabilityZone

asset.aws.ec2.amiId

asset.aws.ec2.accountId

asset.aws.ec2.hostname

asset.aws.ec2.hostnamePublic

asset.aws.ec2.publicIpAddress

asset.aws.ec2.macAddress

asset.aws.ec2.reservationId

asset.aws.ec2.ami-launch-index

asset.aws.ec2.ami-manifest-path

asset.aws.ec2.instance-action

asset.aws.ec2.securityGroups

asset.aws.ec2.VPCId

asset.aws.ec2.securityGroupsIds

asset.aws.ec2.subnetId

asset.aws.ec2.tags

asset.aws.ec2.launchTime

asset.aws.ec2.isSpotInstance

Get Started

Cloud Agent Cloud Provider Metadata

For AWS

Cloud Agent Mac

accountId

ami-id

availability-zone

instance-id

instance-type

kernel-id

local-hostname

local-ipv4

network/interfaces/macs/mac/mac

network/interfaces/macs/mac/subnet-id

public-hostname

public-ipv4

region

reservation-id

security-groups

security-groups-ids

vpc-id

created date

state

spot instance

asset.aws.ec2.VPCId

asset.aws.ec2.hostname

asset.aws.ec2.instance-action

asset.aws.ec2.privateIpAddress

asset.aws.ec2.accountId

asset.aws.ec2.availabilityZone

asset.aws.ec2.region

asset.aws.ec2.subnetId

asset.aws.ec2.isSpotInstance

asset.aws.ec2.ami-manifest-path

asset.aws.ec2.macAddress

asset.aws.ec2.publicIpAddress

asset.aws.ec2.instanceId

asset.aws.ec2.reservationId

asset.aws.ec2.kernelId

asset.aws.ec2.launchTime

asset.aws.ec2.amiId

asset.aws.tags

asset.aws.ec2.hostnamePublic

asset.aws.ec2.instanceType

asset.aws.ec2.ami-launch-index

asset.aws.ec2.securityGroupsIds

asset.aws.ec2.securityGroups

ProviderName

Get Started

Cloud Agent Cloud Provider Metadata

For Azure

Cloud Agent Windows Cloud Agent Linux

compute.location

compute.name

compute.offer

compute.osType

compute.publisher

compute.resourceGroupName

compute.subscriptionId

compute.tags

compute.version

compute.vmId

compute.vmSize

network.interface.ipv4.ipaddress.privateIpAddress

network.interface.ipv4.ipaddress.publicIpAddress

network.interface.ipv4.subnet.address

network.interface.ipv6.ipaddress.ipAddress

network.interface.macAddres

asset.azure.vm.subnet

asset.azure.vm.offer

asset.azure.vm

asset.azure.vm.subscriptionId

asset.azure.vm.name

asset.azure.vm.publisher

asset.azure.vm.privateIpAddress

asset.azure.vm.vmSize

asset.azure.vm.publicIpAddress

asset.azure.tags

asset.azure.vm.version

asset.azure.vm.ipv6

asset.azure.vm.vmId

asset.azure.vm.macAddress

asset.azure.vm.location

asset.azure.vm.resourceGroupName

asset.azure.vm.osType

compute.location

compute.name

compute.offer

compute.osType

compute.publisher

compute.resourceGroupName

compute.subscriptionId

compute.tags

compute.version

compute.vmId

compute.vmSize

network.interface.ipv4.ipaddress.privateIpAddress

network.interface.ipv4.ipaddress.publicIpAddress

network.interface.ipv4.subnet.address

network.interface.ipv6.ipaddress.ipAddress

network.interface.macAddres

asset.azure.vm.vmId

asset.azure.vm.name

asset.azure.vm.location

asset.azure.vm.vmSize

asset.azure.vm.offer

asset.azure.vm.publisher

asset.azure.vm.version

asset.azure.vm.osType

asset.azure.vm.SubscriptionId

asset.azure.tags

asset.azure.vm.resourceGroupName

asset.azure.vm.subnet

asset.azure.vm.macAddress

asset.azure.vm.publicIpAddress

asset.azure.vm.privateIpAddress

asset.azure.vm.ipv6

Get Started

Cloud Agent Cloud Provider Metadata

For GCP

For IBM

Cloud Agent Windows Cloud Agent Linux

instance/hostname

instance/id

instance/machine-type

instance/network-interfaces/

instance/network-interfaces/0/access-configs/0/external-ip

instance/network-interfaces/0/ip

instance/network-interfaces/0/mac

instance/network-interfaces/0/network

instance/zone

project/numeric-project-id

project/project-id

asset.gcp.compute.projectIdNo

asset.gcp.compute.hostname

asset.gcp.compute.projectDetails

asset.gcp.compute.id-PreAggregate

asset.gcp.compute.macAddress

asset.gcp.compute.id

asset.gcp.compute.publicIpAddress

asset.gcp.compute.projectId

asset.gcp.compute.networkInterface

asset.gcp.compute.zone

asset.gcp.compute.network

asset.gcp.compute.privateIpAddress

asset.gcp.compute.machineType

instance/hostname

instance/id

instance/machine-type

instance/network-interfaces/

instance/network-interfaces/0/access-configs/0/external-ip

instance/network-interfaces/0/ip

instance/network-interfaces/0/mac

instance/network-interfaces/0/network

instance/zone

project/numeric-project-id

project/project-id

asset.gcp.compute.id

asset.gcp.compute.hostname

asset.gcp.compute.machineType

asset.gcp.compute.zone

asset.gcp.compute.publicIpAddress

asset.gcp.compute.privateIpAddress

asset.gcp.compute.network

asset.gcp.compute.macAddress

asset.gcp.compute.projectIdNo

asset.gcp.compute.projectId

Cloud Agent Windows Cloud Agent Linux

PrimaryIpAddress

Vlans

domain

datacenter

DatacenterId

FullyQualifiedDomainName

PrimaryIpAddress

PrimaryBackendIpAddress

asset.ibm.virtualServer.frontendMacAddresses

asset.ibm.virtualServer.backendMacAddresses

asset.ibm.virtualServer.id

asset.ibm.virtualServer.publicIP

asset.ibm.virtualServer.publicVlan

asset.ibm.virtualServer.privateVlan

asset.ibm.virtualServer.domain

asset.ibm.virtualServer.tags

asset.ibm.virtualServer.deviceName

asset.ibm.virtualServer.location

asset.ibm.virtualServer.pivateIP

asset.ibm.virtualServer.datacenterId

asset.ibm.virtualServer.id-PreAggregate

datacenter

DatacenterId

FullyQualifiedDomainName

PrimaryIpAddress

PrimaryBackendIpAddress

domain

Tag s

Vlans

asset.ibm.virtualServer.location

asset.ibm.virtualServer.datacenterId

asset.ibm.virtualServer.deviceName

asset.ibm.virtualServer.publicIp

asset.ibm.virtualServer.privateIp

asset.ibm.virtualServer.id

asset.ibm.virtualServer.domain

asset.ibm.tags

asset.ibm.virtualServer.publicVlan

asset.ibm.virtualServer.privateVlan

Get Started

Cloud Agent Cloud Provider Metadata

For OCI

Cloud Agent Windows Cloud Agent Linux

image

state

displayName

compartmentId

timeCreated

definedtags

freeformTags

shape

region

faultDomain

availabilityDomain

hostName

canonicalRegionName

asset.oracle.compute.image

asset.oracle.compute.vnic

asset.oracle.compute.state

asset.oracle.compute.displayName

asset.oracle.compute.instanceId

asset.oracle.compute.compartmentId

asset.oracle.compute.timeCreated

asset.oracle.compute

asset.oracle.compute.definedtags

asset.oracle.compute.freeformtags

asset.oracle.compute.shape

asset.oracle.compute.region

asset.oracle.compute.faultDomain

asset.oracle.compute.availabilityDomain

asset.oracle.compute.hostname

asset.oracle.compute.canonicalRegionName

displayName

compartmentId

shape

state

region

availabilityDomain

timeCreated

image

faultDomain

hostName

canonicalRegionName

definedTags

freeformTags

asset.oracle.compute.instanceId

asset.oracle.compute.displayName

asset.oracle.compute.compartmentId

asset.oracle.compute.shape

asset.oracle.compute.state

asset.oracle.compute.region

asset.oracle.compute.availabilityDomain

asset.oracle.compute.timeCreated

asset.oracle.compute.image

asset.oracle.compute.faultDomain

asset.oracle.compute.hostName

asset.oracle.compute.canonicalRegionName

asset.oracle.compute.definedtags

asset.oracle.compute.freeformtags

asset.oracle.compute.vnic

Get Started

Cloud Agent Cloud Provider Metadata

For Alibaba

Cloud Agent Windows

hostname

image-id

instance-id

mac

network-type

instance/instance-type

owner-account-id

private-ipv4

public-ipv4

region-id

zone-id

vpc-cidr-block

vpc-id

serial-number

vswitch-id

vswitch-cidr-block

network/interfaces/macs/[mac]/network-interface-id

dns-conf/nameservers

asset.alibaba.instance.hostName

asset.alibaba.instance.imageId

asset.alibaba.instance.Id

asset.alibaba.instance.macAddress

asset.alibaba.instance.networkType

asset.alibaba.instance.type

asset.alibaba.instance.accountId

asset.alibaba.instance.privateIpAddress

asset.alibaba.instance.publicIpAddress

asset.alibaba.instance.region

asset.alibaba.instance.zone

asset.alibaba.instance.vpcCidrBlock

asset.alibaba.instance.vpcId

asset.alibaba.instance.serialNumber

asset.alibaba.instance.vswitchId

asset.alibaba.instance.vswitchCidrBlock

asset.alibaba.instance.networkInterface

asset.alibaba.instance.nameserver

Manage Your Agents

A quick look at your agents

Manage Your Agents

A quick look at your agents

1 You should see status messages within a few minutes after installation. Learn more

2 Search your agents - your agents list includes all installed agents that have

connected to the Qualys Cloud Platform.

3 Agent hostname - NetBIOS name for a Windows host, DNS name for a Linux host.

You can configure the name displayed. Just select View Asset Details from the Quick

Actions menu.

4 A configuration profile has settings that impact agent behavior. Initial Profile is the

profile provided by our service to help you get started. Want create a profile with

customized settings? Just go to Configuration Profiles and select New Profile.

5 We assign the Cloud Agent tag to agent hosts automatically. This helps you manage

and report on you agent assets.

Manage Your Agents

Tell me about agent status

The agent status is continuously updated to keep you informed about your agent. Not

seeing any status? Read our troubleshooting tips (under Help > Online Help).

Provisioned

The agent successfully connected to the cloud platform and registered itself.

Manifest Downloaded

The cloud platform updated the manifest assigned to this agent. This tells the agent what

metadata to collect from the host. The updated manifest was successfully downloaded

and it is in effect for this agent. For non-Windows agents the status column shows specific

manifest download status, such as Inventory Manifest Downloaded for inventory, and the

following status for scans:

VM Manifest Downloaded, PC Manifest Downloaded, FIM Manifest Downloaded, or EDR

Manifest Downloaded.

Configuration Downloaded

A user updated the configuration profile assigned to this agent. This defines agent

behavior, i.e. how the agent will collect data from the host. The updated profile was

successfully downloaded and it is in effect for this agent.

Quick Actions menu lets

you

- view asset details

- activate agent for various

assessments (VM, PC, etc)

- uninstall agent

Actions menu lets you

update multiple agents at

once

Manage Your Agents

Tell me about agent status

Agent Downloaded

A new agent version was downloaded and the agent was upgraded as part of the auto-

update process. Note the agent does not need to reboot to upgrade itself.

Inventory Scan Complete

The agent completed host discovery, collected some host information and sent it to the

cloud platform. During host discovery the agent attempts to collect this information: IP

address, OS, NetBIOS name, DNS name, MAC address.

Scan Complete

The agent uploaded new host metadata and an assessment was performed on the cloud

platform. If there is new assessment data (e.g. new VM vulnerabilities, PC datapoints) the

cloud platform processes this data to make it available in your account for viewing and

reporting.

Manage Your Agents

Easily view current Asset Details

Asset Summary and sections that follow show you current asset data returned from the

latest inventory scan and the latest full scan (assessment).

Select View Asset Details from

the menu

Drill down to the various sections to view comprehensive details returned from

vulnerability assessments. You can view control datapoints when your account has

Policy Compliance (PC) enabled, and alert notifications when Continuous Monitoring

(CM) is enabled.

Manage Your Agents

Take bulk actions on agents

Activate, Deactivate, Uninstall multiple agents in one go!

Select agents from your agents list, open the Actions menu and select the bulk action to

apply.

Change configuration

Agents have a default configuration and this controls how agents behave. You can change

agent configuration by creating configuration profiles, and change the order they are

applied.

Initial Profile is the default profile with configuration settings provided by Qualys. This is

assigned to agents by default at installation time. You can easily view the profile settings.

Profile settings impact many agent behaviors. How and when the agent collects

metadata, when it should sync with the cloud platform, when to do self-updates, tuning

of performance and bandwidth utilization, etc. You can create custom profiles and assign

to hosts.

Tip - Double click Initial Profile to view the

default settings provided by Qualys

Manage Your Agents

Tagging agent hosts

Best Practices You might want to assign different agent configurations for different parts

of your network infrastructure, i.e. laptops, servers, desktops, datacenters. Just tag your

hosts according to your groupings and assign these tags to different configuration profiles.

Tagging agent hosts

The dynamic asset tagging features help you manage your agent host assets just like other

assets in your subscription.

The Cloud Agent tag is assigned to every agent host. Select this tag and you’ll see the

number of agent hosts (assets).

The Find assets option lets you find agent assets.

Manage Your Agents

Tagging agent hosts

You might want to tag agent hosts to help you organize them and report on them.

Manage Your Agents

Looking for agent files?

The agent is centrally managed by the cloud platform. For this reason you should not edit

or execute the agent files installed on your hosts - we list these here for your information.

For help with troubleshooting you might want to review the log files.

What’s included? Program files, the manifest (instructions for what data the agent

collects), configuration (how the agent behaves), snapshot database and log files.

Still need help? Click Read our troubleshooting tips (under Help > Online Help).

Windows Agent

C:\Program Files (x86)\QualysAgent\Qualys\QualysCloudAgent.exe

C:\Program Files (x86)\QualysAgent\Qualys\Uninstall.exe

C:\ProgramData\Qualys\QualysAgent\*

Log files (Log.txt, Archive.txt) are located here:

C:\ProgramData\Qualys\QualysAgent

On XP and Server 2003, log files are located here:

C:\Documents and Settings\All Users\Application Data\Qualys\QualysAgent

Have custom variables? No worries, we’ll install the agents following the

environment settings defined for your hosts.

Linux Agent, BSD Agent, Unix Agent, MacOS Agent

/etc/init.d/qualys-cloud-agent

/etc/rc.d //BSD

/etc/qualys/cloud-agent/qagent-log.conf

/var/log/qualys/qualys-cloud-agent.log

/var/opt/qualys/qualys-cloud-agent.log //Unix

/usr/local/qualys/cloud-agent/* //Linux/BSD, Unix

/Applications/QualysCloudAgent.app/* //MacOS