Environment
Microsoft Windows Server 2003 Standard Edition
Microsoft Windows 2000 Server
RedHat Linux
Solaris 9
Situation
How can I run a report to see the Qualys Data that has been loaded
into the eSecurity system?
Resolution
There are two ways to view a report on the Vulnerability Data
(including data uploaded via a Qualys vulnerability agent). They
are:
1) Run one or more of the Crystal Reports found in the following directory on the eSecurity CD-ROM:
For an Oracle Sentinel Database: 3rdparty/reporting/crystal/Oracle/Advisor_Vulnerability
For a MS SQL Server Sentinel Database: 3rdparty\reporting\crystal\ODBC\Advisor_Vulnerability
You can view a sample of the data returned by the reports by looking at the corresponding PDF file in: 3rdparty/reporting/crystal/PDFS/Advisor_Vulnerability
2) You can also view vulnerabilities for that are related to a specific set of events. To do this, highlight a set of events in an Active View or Historical Query Window. Then right-click on the selection and choose "Analysis->Current Vulnerability". A window will popup displaying an HTML report of the vulnerabilities that are on IP's that are affected by the selected events. For Qualys vulnerabilities, the best Template to use will be the QualysVulnResponseHtmlTransformer.
The two suggestions above are ways of viewing vulnerabilities from any vulnerability scanner product. If you have vulnerability data from other vulnerability scanner products in your database and would like to view a report of only the Qualys vulnerability data, then you will need to create a Qualys-specific vulnerability Crystal Report. To create this report, you will need information on the Sentinel vulnerability database schema so you can create the proper SQL queries.
1) Run one or more of the Crystal Reports found in the following directory on the eSecurity CD-ROM:
For an Oracle Sentinel Database: 3rdparty/reporting/crystal/Oracle/Advisor_Vulnerability
For a MS SQL Server Sentinel Database: 3rdparty\reporting\crystal\ODBC\Advisor_Vulnerability
You can view a sample of the data returned by the reports by looking at the corresponding PDF file in: 3rdparty/reporting/crystal/PDFS/Advisor_Vulnerability
2) You can also view vulnerabilities for that are related to a specific set of events. To do this, highlight a set of events in an Active View or Historical Query Window. Then right-click on the selection and choose "Analysis->Current Vulnerability". A window will popup displaying an HTML report of the vulnerabilities that are on IP's that are affected by the selected events. For Qualys vulnerabilities, the best Template to use will be the QualysVulnResponseHtmlTransformer.
The two suggestions above are ways of viewing vulnerabilities from any vulnerability scanner product. If you have vulnerability data from other vulnerability scanner products in your database and would like to view a report of only the Qualys vulnerability data, then you will need to create a Qualys-specific vulnerability Crystal Report. To create this report, you will need information on the Sentinel vulnerability database schema so you can create the proper SQL queries.