Qualys Active OS Vuln Count

Qualys
CattyWampus
You already voted!

The following Splunk Search (query) is for Qualys and will show vulnerability count for Windows Hosts. This query assumes that your index is defined as qualys.

index=qualys HOSTVULN SEVERITY=3 OR 4 OR 5 TYPE="CONFIRMED" earliest=-30d@d | dedup HOST_ID, QID | search STATUS!="FIXED" |join QID  | join HOST_ID  | stats count(QID) as #_Vulns by OS | sort -#_Vulns | addcoltotals #_Vulns

* DISCLOSURE* – I did not create this query. That credit goes to Jeff Leggett.

Splunk Query Repository

Qualys Active OS Vuln Count

Leave A Comment? Click here to cancel reply.

Splunk Query Repository

Qualys Active OS Vuln Count

Related Queries

Track Remediation Progress by OS – Qualys

Top 25 Most Vulnerable Systems by OS – Qualys

Top 25 Most Prevailing Vulnerabilities with Patches Available (Multiple OSs)- Qualys

Leave A Comment? Click here to cancel reply.