Track Remediation Progress by OS – Qualys

The following Splunk Search Queries within the Qualys Sourcetype track the remediation progress for a variety of operating systems. The queries are separated by Operating System or Device Type:

OS & Device Agnostic

Linux

Network (F5/Cisco/Firewall)

Windows Desktop

Windows Server

I take no credit for this. These queries were discovered […]


Top 25 Most Vulnerable Systems by OS – Qualys

The following Splunk Search Queries within the Qualys Sourcetype list the top 25 most vulnerable systems. The queries are separated by Operating System or Device Type:

Linux

Network (F5/Cisco/Firewall)

Windows Desktop

Windows Server

I take no credit for this. These queries were discovered on Tarun Kumar’s blog.


Top 25 Most Prevailing Vulnerabilities with Patches Available (Multiple OSs) – Qualys

The following Splunk Search Queries within the Qualys Sourcetype list the top 25 most prevailing vulnerabilities that have patches available. The queries are separated by Operating System or Device Type:

Linux

Network (F5/Cisco/Firewall)

Windows Desktop

Windows Server

I take no credit for this. These queries were discovered on Tarun Kumar’s blog.


Remediation Tracking Trend – Qualys

The following Splunk query will help determine remediation tracking trends within the Qualys Sourcetype:

I take no credit for this. These queries were discovered on Tarun Kumar’s blog.


High Severity Vulnerabilities – Qualys

The following Splunk query will show the percentage of high severity vulnerabilities within the Qualys Sourcetype:

I take no credit for this. These queries were discovered on Tarun Kumar’s blog.


New Vulnerabilities Detected Since Last Scan – Qualys

As the title suggests, this Splunk Search will dedup results so you can better see changes in vulnerability detection from scan to scan within the Qualys Sourcetype:

I take no credit for this. These queries were discovered on Tarun Kumar’s blog.


Hosts Taking a Long Time to Scan – Qualys

The following Splunk query will show the hosts taking an abnormally long time to scan (helps find that needle in a haystack) within the Qualys Sourcetype:

I take no credit for this. These queries were discovered on Tarun Kumar’s blog.


Number of Vulnerabilities Detected – Qualys

The following Splunk query will show the number of vulnerabilities detected, across all severities and all types, within the Qualys Sourcetype:

I take no credit for this. These queries were discovered on Tarun Kumar’s blog.


Qualys – Number of Hosts Scanned

The following Splunk query will show the number of hosts scanned within the Qualys Sourcetype:

I take no credit for this. These queries were discovered on Tarun Kumar’s blog.


Qualys Hosts not Scanned in 30 days+

The following Splunk Search (query) is for Qualys and will show hosts that have not been scanned in 30 days or more. This query assumes that your index is defined as qualys.

*DISCLOSURE* – I did not create this query. That credit goes to Jeff Leggett.


Qualys 30-Day Trending of Re-Opened Vulnerabilities

The following Splunk Search (query) is for Qualys and will show a 30-day trend of re-opened vulnerabilities. This query assumes that your index is defined as qualys.

*DISCLOSURE* – I did not create this query. That credit goes to Jeff Leggett.


Qualys Top 10 Vulnerabilities by Severity

The following Splunk Search (query) is for Qualys and will show the top 10 vulnerabilities by severity as well as a Count of Devices.

*DISCLOSURE* – I did not create this query. That credit goes to Jeff Leggett.


Qualys Active OS Vuln Count

The following Splunk Search (query) is for Qualys and will show the vulnerability count for Windows hosts. This query assumes that your index is defined as qualys.

*DISCLOSURE* – I did not create this query. That credit goes to Jeff Leggett.
