Skip to main content

Qualys TotalCloud

Visualize Qualys TotalCloud cloud assets and CSPM control evaluations across AWS, Azure, GCP, and OCI, and monitor findings and changes through queries and alerts.

Installation

This integration reads data from the Qualys TotalCloud (CloudView) module over its REST API — cloud connectors, cloud assets, controls, and control evaluations (findings) across AWS, Azure, GCP, and OCI. Because it is read-only, a Qualys user with the Reader role is sufficient, provided that user's role has the TotalCloud API Access permission enabled.

info

You will need the following:

  • A Qualys username and password for a user whose role:

    • Has access to the TotalCloud module (the predefined TOTALCLOUD User role, a custom role, or Manager).
    • Has the TotalCloud API Access permission enabled under TotalCloud. Without it, the API responds that the user is not authorized to access the module. See User Roles and Permissions and Assign Role to Users.
  • Your Qualys API URL for the platform that hosts your account — for example, https://qualysapi.qg3.apps.qualys.com. Use the URL that matches your login platform. See Qualys Platform Identification to find yours.

note

The integration authenticates with HTTP Basic authentication against the CloudView/TotalCloud REST API. Use a username and password associated with a non-test (subscription) account user.

Data Volume Configuration

Control how much data is ingested from Qualys TotalCloud to manage storage and processing.

FieldDescriptionDefaultOptions
Findings History DaysHow many days of TotalCloud control evaluations (findings) to fetch per cloud resource.907, 30, 90, 180, 365

How it affects data volume: Larger windows pull more evaluation history per resource and meaningfully increase the number of API calls for large multi-cloud tenants.

All ingestion sources are disabled by default. Enable only the providers (AWS, Azure, GCP, OCI) and data types you need from the integration instance's ingestion source settings to keep ingestion scoped to what you use.

Configuration in JupiterOne

To install the Qualys TotalCloud integration in JupiterOne, navigate to the Integrations tab in JupiterOne and select Qualys TotalCloud. Click New Instance to begin configuring your integration.

Creating an instance requires the following:

  • The Account Name used to identify the Qualys TotalCloud account in JupiterOne. Ingested entities will have this value stored in tag.AccountName when the AccountName toggle is enabled.

  • Description to assist in identifying the integration instance, if desired.

  • Polling Interval that you feel is sufficient for your monitoring needs. You may leave this as DISABLED and manually execute the integration.

  • Your Qualys Username, Password, and API URL.

  • Optionally, the Findings History Days window under the Findings configuration section.

Click Create once all values are provided to finalize the integration.

Next steps

Now that your integration instance has been configured, it will begin running on the polling interval you provided, populating data within JupiterOne. Continue on to our Instance management guide to learn more about working with and editing integration instances.