# Test Release - QualysTBX - Qualys Toolbox Project
**Note: This is a test release and should not be used in production.**
**QualysTBX** is a comprehensive toolbox project designed to provide various utilities for interacting with Qualys services. The initial offering within this project is the **Policy Merge** tool, which allows users to selectively merge Control IDs (CIDs) from one policy into another, ensuring streamlined and consistent policy updates. As the project evolves, additional tools will be developed and integrated to meet emerging needs and enhance functionality.
## Qualys Tools Included in QualysTBX
### 1. Policy Merge
**Description:** The Policy Merge tool in QualysTBX allows you to seamlessly merge specific Control IDs (CIDs) from an existing policy into a new policy. This tool is essential for maintaining up-to-date and consistent security policies, especially when integrating changes from legacy policies into current ones. It supports efficient policy management by allowing selective merging of controls, ensuring that only relevant and necessary updates are incorporated.
## Prerequisites Python Module Linux/Mac or Windows
- Install Python Latest Version, greater than 3.9
## First time install or upgrade of QualysTBX
| Step Number | Code to Run (Linux/Mac) | Code to Run (Windows) | Description |
|-------------|---------------------------------------------------------------------|----------------------------------------------------------------------|------------------------------------------------------------------------------------------------------------|
| 1 | `cd [your data storage directory]` | `cd [your data storage directory]` | Change to your data storage directory where you want to store your environment and logs. |
| 2 | `python -m venv qtbx_venv` | `python -m venv qtbx_venv` | Create a Python virtual environment named `qtbx_venv` for the `qualystbx` tool. |
| 3 | `source ./qtbx_venv/bin/activate` | `.\qtbx_venv\Scripts\activate` | Activate the Python virtual environment. This step needs to be done each time you want to run `qualystbx`. |
| 4 | `python -m pip install --upgrade psutil qualystbx lxml requests xmltodict` | `python -m pip install --upgrade psutil qualystbx lxml requests xmltodict` | Install the necessary packages: `qualystbx`, `lxml`, `requests`, and `xmltodict`. |
**Linux/Mac Example (bash script)**
```sh
#!/bin/bash
cd /path/to/your/data/storage # Change to your data storage directory
python -m venv qtbx_venv # Create a Python virtual environment
source ./qtbx_venv/bin/activate # Activate the Python virtual environment
python -m pip install --upgrade psutil qualystbx lxml requests xmltodict # Install the necessary packages
```
**Windows Example (batch script)**
```bat
cd \path\to\your\data\storage
python -m venv qtbx_venv
.\qtbx_venv\Scripts\activate
python -m pip install --upgrade psutil qualystbx lxml requests xmltodict # Install the necessary packages
```
## Operations You Can Perform with QualysTBX
### Prerequisites
Before running `qualystbx`, the following environment variables need to be set:
- **PYTHONUNBUFFERED**: Set to `1`
- **q_username**: Your Qualys API username
- **q_password**: Your Qualys API password
- **q_api_fqdn_server**: The Qualys API FQDN server (e.g., `qualysapi.qualys.com`)
### Setting Environment Variables
#### Linux/Mac
To set the environment variables on Linux/Mac, use the following commands:
```sh
export PYTHONUNBUFFERED=1
export q_username=[qualys api user]
export q_password=[qualys api password]
export q_api_fqdn_server=[qualys api fqdn server]
cd /path/to/your/storage
source ./qtbx_venv/bin/activate
```
#### Windows
To set the environment variables on Windows, use the following commands:
```cmd
set PYTHONUNBUFFERED=1
set q_username=[qualys api user]
set q_password=[qualys api password]
set q_api_fqdn_server=[qualys api fqdn server]
cd \path\to\your\data\storage
.\qtbx_venv\Scripts\activate
```
### Policy Merge
**Description:** Execute the `policy_merge` command in `qualystbx` with the specified new policy ID, old policy ID, and comma-separated CID list. Optionally, add `--log_to_console` to log to the console. If not specified, logs will be saved to `[your data storage directory]/qtbx_venv/qualystbx/qtbx_home/policy_merge/log/policy_merge.log`.
**Command:**
```sh
qualystbx --execute policy_merge --new_policy_id=[new policy id] --old_policy_id=[old policy id] --cid_list=[comma separated cid list] [--log_to_console]
```
### Explanation of Each Option
- **new_policy_id**: The ID of the new policy into which the CIDs will be merged.
- **old_policy_id**: The ID of the old policy from which the CIDs will be sourced.
- **cid_list**: A comma-separated list of CIDs to be merged from the old policy to the new policy.
- **--log_to_console**: (Optional) If this flag is included, logs will be printed to the console. If not, logs will be saved to the specified log file.
### Path Differences Between Windows and Linux/Mac
- **Linux/Mac Log Path**: `[your data storage directory]/qtbx_venv/qualystbx/qtbx_home/policy_merge/log/policy_merge.log`
- **Windows Log Path**: `[your data storage directory]\qtbx_venv\qualystbx\qtbx_home\policy_merge\log\policy_merge.log`
### Example Command
- **Linux/Mac**:
```sh
qualystbx --execute policy_merge --new_policy_id=12345 --old_policy_id=67890 --cid_list=111,222,333 --log_to_console
```
or without logging to console:
```sh
qualystbx --execute policy_merge --new_policy_id=12345 --old_policy_id=67890 --cid_list=111,222,333
```
- **Windows**:
```cmd
qualystbx --execute policy_merge --new_policy_id=12345 --old_policy_id=67890 --cid_list=111,222,333 --log_to_console
```
or without logging to console:
```cmd
qualystbx --execute policy_merge --new_policy_id=12345 --old_policy_id=67890 --cid_list=111,222,333
```
### Policy Merge Directories and Paths
After executing the `policy_merge` command, several files are created and updated within the `qtbx_venv/qualystbx/qtbx_home/policy_merge/data` directory. These files contain the results and details of the merge operation. Here’s a detailed explanation of each result file:
| Directory/File Path | Description |
|----------------------------------------------------------------------------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| `qtbx_venv` [qtbx_venv] | This is the virtual directory for the QualysTBX environment and tools. |
| `qtbx_venv/qualystbx/qtbx_home` [home_dir] | The home directory for QualysTBX where configuration, credentials, logs, binaries, and data related to the tool are stored. |
| `[home_dir]/policy_merge` [policy_merge] | This directory specifically contains all the files and subdirectories related to the `policy_merge` operation within QualysTBX. |
| `[policy_merge]/log` | This directory stores log files generated during the `policy_merge` operation. |
| `[policy_merge]/log/policy_merge.log` | The main log file where the `policy_merge` operation logs its activities, errors, and status updates. If the `--log_to_console` option is not used, logs are saved here. |
| `[policy_merge]/config` | This directory contains configuration files for the `policy_merge` operation. These configurations might include settings or parameters that control how the merge process is executed. |
| `[policy_merge]/cred` | This directory stores credential files used by the `policy_merge` operation to authenticate with the Qualys API. These files are essential for secure access. |
| `[policy_merge]/bin` | This directory contains executable files or scripts required by the `policy_merge` operation. |
| `[policy_merge]/data` | This directory holds data files related to the policies being merged. These files include XML files representing different policies and their components. |
| `[policy_merge]/data/import_new_policy_results_file.xml` | This file contains the results of importing the new policy, which is used in the merge operation. |
| `[policy_merge]/data/old_policy_id.xml` | This file contains the details of the old policy, identified by its policy ID, from which CIDs will be sourced for merging. |
| `[policy_merge]/data/merged_policy_id_file.xml` | This will be loaded into Qualys with a new policy name, prefixed with. The file stores the results of the merge operation, including the newly created policy that combines elements from the old and new policies. |
| `[policy_merge]/data/new_policy_id.xml` | This file contains the details of the new policy, identified by its policy ID, into which CIDs will be merged. |
| `[policy_merge]/data/old_policy_id_cid_list_for_merge.xml` | This file lists the CIDs from the old policy that are selected for merging into the new policy. |
| `[policy_merge]/data/merged_policy_results_file.xml` | This file contains the final results of the policy merge operation, showing the outcome of combining the old and new policy loaded into Qualys. |
### Naming Convention for Uploaded Merged Policy
The `merged_policy_id_file.xml` will be uploaded to Qualys with a naming convention that includes the date and time of the merge operation and the title of the new policy. The location in the Qualys UI is under Policy Compliance -> Policies -> Policies.
The format of the new merged policy is as follows:
```
MERGED_POLICY_YYYYMMDDThhmmssZ_[TITLE OF NEW POLICY NAME FROM new_policy_id.xml]
```
- **YYYYMMDDThhmmssZ**: Represents the date and time when the policy merge was executed.
- **[TITLE OF NEW POLICY NAME FROM new_policy_id.xml]**: The title of the new policy as specified in the `new_policy_id.xml` file.
This naming convention helps in easily identifying and managing merged policies within Qualys.
### Example
If the merge operation was executed on March 25, 2024, at 14:30:45 UTC, and the title of the new policy from `new_policy_id.xml` is "Security Policy v2", the uploaded file name would be:
```
MERGED_POLICY_20240325T143045Z_Security_Policy_v2.xml
```
# QualysTBX Activity Diagram
- [](https://github.com/dg-cafe/qualystbx_img/assets/82658653/72bc4bad-f21e-4e2b-9f73-923ca4212cc2)
# Policy Merge Tool
Policy Merge is a Policy Comliance Function that merges an old policies CID list into a new Policy. This is useful when customers want to easily merge in their customizations made to existing policies
## Policy Merge Activity Diagram
- [](https://github.com/dg-cafe/qualystbx_img/assets/82658653/da783563-9b3c-49dc-bf04-c66f89a27e35)
# Roadmap
```
Capability | Target | Description
---------- | ------ | -----------
Policy Merge | May 2024 | Automate Policy Merge of specific CID's between old and new policy.
Other Tools | TBD | Other Qualys Tools
```
## Application Directories
| Path | Description |
|-----------------------------------------------------|--------------------------------------------------------------------|
| [user storage dir] | Your python virtaul environment entered at runtime. |
| [user storage dir]/qualystbx/qtbx_home/ | Directory of Tools Data |
| qtbx_home/[tool] | Tool Home Directory. Ex. qtbx_home/policy_merge |
| [tool]/bin | TBD |
| [tool]/cred | TBD |
| [tool]/config | TBD |
| [tool]/log | Logs - Directory of all run logs |
| [tool]/data | Application Data - Directory containing results of tool execution. |
# Logging
Logging fields are pipe delimited with some formatting for raw readability. You can easily import this data into excel,
a database for analysis or link this data to a monitoring system.
| Format | Description |
|-----------------------------|------------------------------------------------------------------------------------------------------------------------------------------|
| YYYY-MM-DD hh:mm:ss,ms | UTC Date and Time. UTC is used to match internal date and time within Qualys data. |
| Logging Level | INFO, ERROR, WARNING, etc. Logging levels can be used for troubleshooting or remote monitoring for ERROR/WARNING log entries. |
| Module Name: YYYYMMDDHHMMSS | Top Level qetl Application Module Name that is executing, along with date to uniquely identify all log entries associated with that job. |
| User Name | Operating System User executing this application. |
| Function Name | qetl Application Function Executing. |
| Message | qetl Application Messages describing actions, providing data. |
# Application Monitoring
- To monitor the application for issues, the logging format includes a logging level.
- Monitoring for ERROR will help identify issues and tend to the overall health of the applicaiton operation.
# Securing Your Application in the Data Center
Follow your corporate procedures for securing your application. A key recommendation is to use a password vault
or remote invocation method that passes the credentials at run time so the password isn't stored on the system.
## Password Vault
QualysTBX provides options to inject credentials at runtime in memory.
Qualys recommends customers move to a password vault of their choosing to operate this applications credentials.
By creating functions to obtain credentials from your corporations password vault, you can improve
the security of your application by separating the password from the machine, injecting the credentials at runtime.
One way customers can do this is through a work load management solution, where the external work load management
system ( Ex. Autosys ) schedules jobs injecting the required credentials into application at runtime. This eliminates
the need to store credentials locally on your system.
If you are unfamiliar with password vaults, here is one example from Hashicorp.
- [Hashicorp Products Vault](https://www.hashicorp.com/products/vault)
- [Hashicorp Getting Started](https://learn.hashicorp.com/tutorials/vault/getting-started-intro?in=vault/getting-started)
# License
<a name="license"></a>
[Apache License](http://www.apache.org/licenses/LICENSE-2.0)
Copyright 2021 David Gregory and Qualys Inc.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
# ChangeLog
<a name="changelog"></a>
```
Version | Date of Change | Description of Changes
------- | -------------- | ----------------------
0.1.0 | 2024-05-17 10:00 ET | Test release, do not use.
0.50.0 | 2024-05-17 10:00 ET | Test release, do not use.
```
# Release Notes Log
<a name="releasenotes"></a>
- 0.1.0 thru 0.50.0 initial test releases, do not use.
Raw data
{
"_id": null,
"home_page": "https://pypi.org/project/qualystbx/",
"name": "qualystbx",
"maintainer": null,
"docs_url": null,
"requires_python": ">=3.9.0",
"maintainer_email": null,
"keywords": "qualys, qualystoolbox, qualys.com, david gregory, qualystbx, qualysapi",
"author": "David Gregory",
"author_email": "dgregory@qualys.com, dave@davidgregory.com",
"download_url": "https://files.pythonhosted.org/packages/69/df/c59543a61ae0024dad6fc86c057a5876e09eab151c48fa77e4bc74c339c8/qualystbx-0.47.0.tar.gz",
"platform": null,
"description": "# Test Release - QualysTBX - Qualys Toolbox Project\n\n**Note: This is a test release and should not be used in production.**\n\n**QualysTBX** is a comprehensive toolbox project designed to provide various utilities for interacting with Qualys services. The initial offering within this project is the **Policy Merge** tool, which allows users to selectively merge Control IDs (CIDs) from one policy into another, ensuring streamlined and consistent policy updates. As the project evolves, additional tools will be developed and integrated to meet emerging needs and enhance functionality.\n\n## Qualys Tools Included in QualysTBX\n\n### 1. Policy Merge\n\n**Description:** The Policy Merge tool in QualysTBX allows you to seamlessly merge specific Control IDs (CIDs) from an existing policy into a new policy. This tool is essential for maintaining up-to-date and consistent security policies, especially when integrating changes from legacy policies into current ones. It supports efficient policy management by allowing selective merging of controls, ensuring that only relevant and necessary updates are incorporated.\n\n\n## Prerequisites Python Module Linux/Mac or Windows\n - Install Python Latest Version, greater than 3.9\n\n## First time install or upgrade of QualysTBX\n\n| Step Number | Code to Run (Linux/Mac) | Code to Run (Windows) | Description |\n|-------------|---------------------------------------------------------------------|----------------------------------------------------------------------|------------------------------------------------------------------------------------------------------------|\n| 1 | `cd [your data storage directory]` | `cd [your data storage directory]` | Change to your data storage directory where you want to store your environment and logs. |\n| 2 | `python -m venv qtbx_venv` | `python -m venv qtbx_venv` | Create a Python virtual environment named `qtbx_venv` for the `qualystbx` tool. |\n| 3 | `source ./qtbx_venv/bin/activate` | `.\\qtbx_venv\\Scripts\\activate` | Activate the Python virtual environment. This step needs to be done each time you want to run `qualystbx`. |\n| 4 | `python -m pip install --upgrade psutil qualystbx lxml requests xmltodict` | `python -m pip install --upgrade psutil qualystbx lxml requests xmltodict` | Install the necessary packages: `qualystbx`, `lxml`, `requests`, and `xmltodict`. |\n\n**Linux/Mac Example (bash script)**\n\n```sh\n#!/bin/bash\ncd /path/to/your/data/storage # Change to your data storage directory\npython -m venv qtbx_venv # Create a Python virtual environment\nsource ./qtbx_venv/bin/activate # Activate the Python virtual environment\npython -m pip install --upgrade psutil qualystbx lxml requests xmltodict # Install the necessary packages\n```\n**Windows Example (batch script)**\n\n```bat\ncd \\path\\to\\your\\data\\storage\npython -m venv qtbx_venv\n.\\qtbx_venv\\Scripts\\activate\npython -m pip install --upgrade psutil qualystbx lxml requests xmltodict # Install the necessary packages\n```\n\n## Operations You Can Perform with QualysTBX\n\n### Prerequisites\n\nBefore running `qualystbx`, the following environment variables need to be set:\n\n- **PYTHONUNBUFFERED**: Set to `1`\n- **q_username**: Your Qualys API username\n- **q_password**: Your Qualys API password\n- **q_api_fqdn_server**: The Qualys API FQDN server (e.g., `qualysapi.qualys.com`)\n\n### Setting Environment Variables\n\n#### Linux/Mac\n\nTo set the environment variables on Linux/Mac, use the following commands:\n```sh\nexport PYTHONUNBUFFERED=1\nexport q_username=[qualys api user]\nexport q_password=[qualys api password]\nexport q_api_fqdn_server=[qualys api fqdn server]\ncd /path/to/your/storage\nsource ./qtbx_venv/bin/activate \n```\n\n#### Windows\n\nTo set the environment variables on Windows, use the following commands:\n```cmd\nset PYTHONUNBUFFERED=1\nset q_username=[qualys api user]\nset q_password=[qualys api password]\nset q_api_fqdn_server=[qualys api fqdn server]\ncd \\path\\to\\your\\data\\storage\n.\\qtbx_venv\\Scripts\\activate\n```\n\n### Policy Merge\n\n**Description:** Execute the `policy_merge` command in `qualystbx` with the specified new policy ID, old policy ID, and comma-separated CID list. Optionally, add `--log_to_console` to log to the console. If not specified, logs will be saved to `[your data storage directory]/qtbx_venv/qualystbx/qtbx_home/policy_merge/log/policy_merge.log`.\n\n**Command:**\n```sh\nqualystbx --execute policy_merge --new_policy_id=[new policy id] --old_policy_id=[old policy id] --cid_list=[comma separated cid list] [--log_to_console]\n```\n\n### Explanation of Each Option\n\n- **new_policy_id**: The ID of the new policy into which the CIDs will be merged.\n- **old_policy_id**: The ID of the old policy from which the CIDs will be sourced.\n- **cid_list**: A comma-separated list of CIDs to be merged from the old policy to the new policy.\n- **--log_to_console**: (Optional) If this flag is included, logs will be printed to the console. If not, logs will be saved to the specified log file.\n\n### Path Differences Between Windows and Linux/Mac\n\n- **Linux/Mac Log Path**: `[your data storage directory]/qtbx_venv/qualystbx/qtbx_home/policy_merge/log/policy_merge.log`\n- **Windows Log Path**: `[your data storage directory]\\qtbx_venv\\qualystbx\\qtbx_home\\policy_merge\\log\\policy_merge.log`\n\n### Example Command\n\n- **Linux/Mac**:\n ```sh\n qualystbx --execute policy_merge --new_policy_id=12345 --old_policy_id=67890 --cid_list=111,222,333 --log_to_console\n ```\n or without logging to console:\n ```sh\n qualystbx --execute policy_merge --new_policy_id=12345 --old_policy_id=67890 --cid_list=111,222,333\n ```\n\n- **Windows**:\n ```cmd\n qualystbx --execute policy_merge --new_policy_id=12345 --old_policy_id=67890 --cid_list=111,222,333 --log_to_console\n ```\n or without logging to console:\n ```cmd\n qualystbx --execute policy_merge --new_policy_id=12345 --old_policy_id=67890 --cid_list=111,222,333\n ```\n\n### Policy Merge Directories and Paths\n\nAfter executing the `policy_merge` command, several files are created and updated within the `qtbx_venv/qualystbx/qtbx_home/policy_merge/data` directory. These files contain the results and details of the merge operation. Here\u2019s a detailed explanation of each result file:\n\n| Directory/File Path | Description |\n|----------------------------------------------------------------------------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|\n| `qtbx_venv` [qtbx_venv] | This is the virtual directory for the QualysTBX environment and tools. |\n| `qtbx_venv/qualystbx/qtbx_home` [home_dir] | The home directory for QualysTBX where configuration, credentials, logs, binaries, and data related to the tool are stored. |\n| `[home_dir]/policy_merge` [policy_merge] | This directory specifically contains all the files and subdirectories related to the `policy_merge` operation within QualysTBX. |\n| `[policy_merge]/log` | This directory stores log files generated during the `policy_merge` operation. |\n| `[policy_merge]/log/policy_merge.log` | The main log file where the `policy_merge` operation logs its activities, errors, and status updates. If the `--log_to_console` option is not used, logs are saved here. |\n| `[policy_merge]/config` | This directory contains configuration files for the `policy_merge` operation. These configurations might include settings or parameters that control how the merge process is executed. |\n| `[policy_merge]/cred` | This directory stores credential files used by the `policy_merge` operation to authenticate with the Qualys API. These files are essential for secure access. |\n| `[policy_merge]/bin` | This directory contains executable files or scripts required by the `policy_merge` operation. |\n| `[policy_merge]/data` | This directory holds data files related to the policies being merged. These files include XML files representing different policies and their components. |\n| `[policy_merge]/data/import_new_policy_results_file.xml` | This file contains the results of importing the new policy, which is used in the merge operation. |\n| `[policy_merge]/data/old_policy_id.xml` | This file contains the details of the old policy, identified by its policy ID, from which CIDs will be sourced for merging. |\n| `[policy_merge]/data/merged_policy_id_file.xml` | This will be loaded into Qualys with a new policy name, prefixed with. The file stores the results of the merge operation, including the newly created policy that combines elements from the old and new policies. |\n| `[policy_merge]/data/new_policy_id.xml` | This file contains the details of the new policy, identified by its policy ID, into which CIDs will be merged. |\n| `[policy_merge]/data/old_policy_id_cid_list_for_merge.xml` | This file lists the CIDs from the old policy that are selected for merging into the new policy. |\n| `[policy_merge]/data/merged_policy_results_file.xml` | This file contains the final results of the policy merge operation, showing the outcome of combining the old and new policy loaded into Qualys. |\n\n\n### Naming Convention for Uploaded Merged Policy\n\nThe `merged_policy_id_file.xml` will be uploaded to Qualys with a naming convention that includes the date and time of the merge operation and the title of the new policy. The location in the Qualys UI is under Policy Compliance -> Policies -> Policies. \n\nThe format of the new merged policy is as follows:\n\n```\nMERGED_POLICY_YYYYMMDDThhmmssZ_[TITLE OF NEW POLICY NAME FROM new_policy_id.xml]\n```\n\n- **YYYYMMDDThhmmssZ**: Represents the date and time when the policy merge was executed.\n- **[TITLE OF NEW POLICY NAME FROM new_policy_id.xml]**: The title of the new policy as specified in the `new_policy_id.xml` file.\n\nThis naming convention helps in easily identifying and managing merged policies within Qualys.\n\n### Example\n\nIf the merge operation was executed on March 25, 2024, at 14:30:45 UTC, and the title of the new policy from `new_policy_id.xml` is \"Security Policy v2\", the uploaded file name would be:\n\n```\nMERGED_POLICY_20240325T143045Z_Security_Policy_v2.xml\n```\n\n# QualysTBX Activity Diagram\n- [](https://github.com/dg-cafe/qualystbx_img/assets/82658653/72bc4bad-f21e-4e2b-9f73-923ca4212cc2)\n\n# Policy Merge Tool\n\nPolicy Merge is a Policy Comliance Function that merges an old policies CID list into a new Policy. This is useful when customers want to easily merge in their customizations made to existing policies\n\n## Policy Merge Activity Diagram\n- [](https://github.com/dg-cafe/qualystbx_img/assets/82658653/da783563-9b3c-49dc-bf04-c66f89a27e35)\n\n\n# Roadmap\n```\nCapability | Target | Description\n---------- | ------ | -----------\nPolicy Merge | May 2024 | Automate Policy Merge of specific CID's between old and new policy.\nOther Tools | TBD | Other Qualys Tools\n```\n\n## Application Directories\n\n| Path | Description |\n|-----------------------------------------------------|--------------------------------------------------------------------|\n| [user storage dir] | Your python virtaul environment entered at runtime. |\n| [user storage dir]/qualystbx/qtbx_home/ | Directory of Tools Data |\n| qtbx_home/[tool] | Tool Home Directory. Ex. qtbx_home/policy_merge |\n| [tool]/bin | TBD |\n| [tool]/cred | TBD |\n| [tool]/config | TBD |\n| [tool]/log | Logs - Directory of all run logs |\n| [tool]/data | Application Data - Directory containing results of tool execution. |\n\n\n# Logging\n\nLogging fields are pipe delimited with some formatting for raw readability. You can easily import this data into excel, \n a database for analysis or link this data to a monitoring system.\n\n| Format | Description |\n|-----------------------------|------------------------------------------------------------------------------------------------------------------------------------------|\n| YYYY-MM-DD hh:mm:ss,ms | UTC Date and Time. UTC is used to match internal date and time within Qualys data. |\n| Logging Level | INFO, ERROR, WARNING, etc. Logging levels can be used for troubleshooting or remote monitoring for ERROR/WARNING log entries. |\n| Module Name: YYYYMMDDHHMMSS | Top Level qetl Application Module Name that is executing, along with date to uniquely identify all log entries associated with that job. |\n| User Name | Operating System User executing this application. |\n| Function Name | qetl Application Function Executing. |\n| Message | qetl Application Messages describing actions, providing data. |\n\n\n# Application Monitoring\n- To monitor the application for issues, the logging format includes a logging level. \n- Monitoring for ERROR will help identify issues and tend to the overall health of the applicaiton operation.\n\n# Securing Your Application in the Data Center\nFollow your corporate procedures for securing your application. A key recommendation is to use a password vault\nor remote invocation method that passes the credentials at run time so the password isn't stored on the system.\n\n## Password Vault\nQualysTBX provides options to inject credentials at runtime in memory.\n\nQualys recommends customers move to a password vault of their choosing to operate this applications credentials.\nBy creating functions to obtain credentials from your corporations password vault, you can improve \nthe security of your application by separating the password from the machine, injecting the credentials at runtime. \n\nOne way customers can do this is through a work load management solution, where the external work load management\nsystem ( Ex. Autosys ) schedules jobs injecting the required credentials into application at runtime. This eliminates\nthe need to store credentials locally on your system.\n\nIf you are unfamiliar with password vaults, here is one example from Hashicorp.\n- [Hashicorp Products Vault](https://www.hashicorp.com/products/vault)\n- [Hashicorp Getting Started](https://learn.hashicorp.com/tutorials/vault/getting-started-intro?in=vault/getting-started)\n\n\n# License\n<a name=\"license\"></a>\n[Apache License](http://www.apache.org/licenses/LICENSE-2.0)\n\n Copyright 2021 David Gregory and Qualys Inc.\n\n Licensed under the Apache License, Version 2.0 (the \"License\");\n you may not use this file except in compliance with the License.\n You may obtain a copy of the License at\n \n http://www.apache.org/licenses/LICENSE-2.0\n \n Unless required by applicable law or agreed to in writing, software\n distributed under the License is distributed on an \"AS IS\" BASIS,\n WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n See the License for the specific language governing permissions and\n limitations under the License.\n\n# ChangeLog\n<a name=\"changelog\"></a>\n\n```\nVersion | Date of Change | Description of Changes\n------- | -------------- | ----------------------\n0.1.0 | 2024-05-17 10:00 ET | Test release, do not use.\n0.50.0 | 2024-05-17 10:00 ET | Test release, do not use.\n```\n\n# Release Notes Log\n<a name=\"releasenotes\"></a>\n\n- 0.1.0 thru 0.50.0 initial test releases, do not use.\n",
"bugtrack_url": null,
"license": "Apache",
"summary": "Qualys Tool Box - Tools for running various functions in Qualys.",
"version": "0.47.0",
"project_urls": {
"Documentation": "https://dg-cafe.github.io/qualystbx/",
"Homepage": "https://pypi.org/project/qualystbx/"
},
"split_keywords": [
"qualys",
" qualystoolbox",
" qualys.com",
" david gregory",
" qualystbx",
" qualysapi"
],
"urls": [
{
"comment_text": "",
"digests": {
"blake2b_256": "f94579e631ab2f80eaa3272bef353508f545492fa634064d9bb44942611fc30c",
"md5": "8fb5f2571ba801d9287b0fc5ae7aa3c6",
"sha256": "1d60eeafe4cd1d37a77d4de4c98ae4b91d66eac3aac5e5367cc16b687c620be4"
},
"downloads": -1,
"filename": "qualystbx-0.47.0-py3-none-any.whl",
"has_sig": false,
"md5_digest": "8fb5f2571ba801d9287b0fc5ae7aa3c6",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": ">=3.9.0",
"size": 38482,
"upload_time": "2024-05-28T23:47:32",
"upload_time_iso_8601": "2024-05-28T23:47:32.907817Z",
"url": "https://files.pythonhosted.org/packages/f9/45/79e631ab2f80eaa3272bef353508f545492fa634064d9bb44942611fc30c/qualystbx-0.47.0-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": "",
"digests": {
"blake2b_256": "69dfc59543a61ae0024dad6fc86c057a5876e09eab151c48fa77e4bc74c339c8",
"md5": "c452b4ff07fb86de3ed991623264ab7e",
"sha256": "8696447e97d4b9865f7e40f6022ca6a60e37a5de88b331b22290b88d2a2f4dc0"
},
"downloads": -1,
"filename": "qualystbx-0.47.0.tar.gz",
"has_sig": false,
"md5_digest": "c452b4ff07fb86de3ed991623264ab7e",
"packagetype": "sdist",
"python_version": "source",
"requires_python": ">=3.9.0",
"size": 42955,
"upload_time": "2024-05-28T23:47:34",
"upload_time_iso_8601": "2024-05-28T23:47:34.811496Z",
"url": "https://files.pythonhosted.org/packages/69/df/c59543a61ae0024dad6fc86c057a5876e09eab151c48fa77e4bc74c339c8/qualystbx-0.47.0.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2024-05-28 23:47:34",
"github": false,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"lcname": "qualystbx"
}
JSON