Freshservice integration with Qualys Connector enables IT teams to automate incident creation and incident updates based on the vulnerabilities or misconfigurations detected by Qualys, allowing remediation tracking.


This article contains the following topics:


Prerequisites for integration

Ensure you have the following, as part of the prerequisites for integration:

  • An active Qualys account.

  • Account administrator privileges within Freshservice to initiate the integration.


Install the app

To install the app:


  1. Go to Admin > Automation & Productivity > Extensibility > Connector Apps.

  2. Select Qualys Connector App from the Connector Apps list.

  3. Click Install. The Configuration page opens.

  4. Ensure that your Freshservice API Key is enabled before initiating the installation. Click Next.

Note: The Domain URL and API Key fields are auto-populated.



  1. Enter the relevant Qualys connection details in the UsernamePasswordAPI Server URL, and Server URL fields. Then, click Connect.



  1. (After the connection is established successfully) Click Next on the Connect Qualys tab.

  2. Enable the Alerts toggle, if you want to receive email notifications on any errors that are detected within the configured recipes.



  1. Enter the recipient email id(s) in the Email ID field.

  2. Then, click Install.


View dashboard

The Overview page of a connector app includes the Dashboard and Dependency graph tabs.


The Dashboard helps you understand the total number of tasks you've consumed (this is the basis for your app usage billing), and also provides a consolidated graph view of the number of recipes, successful jobs, and failed jobs for all recipes.


To view the dashboard and dependency graph:


  1. Go to Admin > Automation & Productivity > Extensibility > Connector Apps.

  2. Click Qualys Connector App. The Configure Qualys Connector dialog opens.



  1. Click Got it. The Overview page opens.



Note: Use the PeriodProjectAll recipesService/App, and Tag filters to modify the graph view. You can also sort and view the required data in a tabular format (below the graph), and view your plan usage and connection details on the Dashboard tab.


  1. Go to the Dependency graph tab to view the dependencies in a grid layout.



  1. Click on any icon to view all dependencies, such as ConnectionRecipeAPI Endpoint, and so on.



Note: Use the AssetApp, and Recipe status filters to modify the grid view.


Set up available recipes

To set up the available recipes:


  1. Go to Admin > Automation & Productivity > Extensibility > Connector Apps.

  2. Click Qualys Connector App. The Overview page opens.

  3. Click Recipes. The Recipes page shows you the list of available recipes for the Qualys Connector App.



List of all the available default recipes

The following default recipes are available with the Freshservice and Qualys Connector integration.


Recipe

Description

Qualys Vulnerability to Freshservice Incident

This recipe is triggered at regular intervals to fetch the vulnerabilities created or updated in Qualys, and automatically creates or updates the associated incidents in Freshservice with relevant details. It ensures seamless vulnerability tracking and remediation within your service management platform.


Manage available recipes

You can preview, edit, start, test, or stop the available recipes.


Preview recipe

  1. On the Recipes page, click Preview next to the recipe you want to view. The selected recipe’s preview page opens.



The Preview page includes the RecipeJobsConnectionsVersions, and Settings tabs.


  1. On the Recipe tab, you can view various steps with pre-configured triggers, actions, and conditions.

  2. Go to the Jobs tab to view all the jobs associated with this recipe.


Note: Use the Repeat jobCancel jobSearch jobsAll statusesAll types, and Period filters to modify or update the Jobs list.


  1. Go to the Connections tab to view all the associated connections.

  2. Go to the Versions tab to view all the associated versions.


Note: Use the Compare versionsSearch version commentsAll periodsAll change types, and All collaborators filters to modify or update the Versions list.


  1. Go to the Settings tab to view the usage metrics, dependencies, and concurrency associated with this recipe.


Start recipe

To start any recipe:


  1. On the Recipes page, click Start next to the recipe you want to start.

  2. Or, click Preview next to the recipe you want to start. Within the recipe preview page, you will find an option to start the recipe.


Edit recipe

To edit any recipe:


  1. Click Preview next to the recipe you want to edit. The selected recipe’s preview page opens. If the recipe is active, click Stop. Then, click Edit.

  2. Or, click the ellipsis icon next to a recipe on the Recipes page. Then, click Edit.



Stop recipe

To stop any recipe:


  1. On the Recipes page, click Stop next to the recipe you want to stop.

  2. Or, click Preview next to the recipe you want to stop. Within the recipe preview page, you will find an option to stop the recipe.


Test recipe

To test any recipe:


  1. On the Recipes page, click Preview next to the recipe you want to test. The selected recipe’s preview page opens. If the recipe is active, click Stop.

  2. Then, select Test recipe from the Start recipe dropdown.



  1. Or, click the ellipsis icon next to a recipe on the Recipes page, and click Edit. The selected recipe page opens.

  2. Click Test recipe.



Customize recipe

Each recipe has the following components: TriggerActions, and Conditions. You can customize any recipe depending on your specific requirements.


Let’s take the default recipe as an example to customize it further.


Default recipe: Qualys Vulnerability to Freshservice Incident


You can click any component, and use the Edit option associated with the component to customize. For example, the Trigger component (as shown in the following figure).



Trigger

This recipe component acts as the starting point for any recipe. For this default recipe, the trigger is fetching a new or updated vulnerability from Qualys and syncing it with a Freshservice incident.


You can customize the trigger in the following ways:

  • View the list of optional fields available for a particular trigger.

  • Modify optional fields for existing triggers or add trigger conditions.

  • Add multiple trigger conditions using the ‘+’ option below the trigger conditions section. You can choose to set up AND or OR conditions.

  • Set the trigger data by choosing from a list of available attributes.


Configure the trigger filters

The following table describes the trigger filters for the Qualys Vulnerability to Freshservice Incident recipe.


Filter name

Description

Trigger poll interval

Allows you to set the frequency for checking new events.


For example, you can select 1 week if you’ve selected the Select poll interval option, or you can enter 5 days if you’ve selected the Enter poll interval option.


Note: The minimum frequency to check for new events is set to 24 hours / 1 day.

QIDs

Allows you to detect records with specific QIDs or a range of QIDs.


For example, you can enter 50, 60, 70 (as comma separated specific QIDs), or 50-100 (as a range).

Severities

Allows you to detect records, which have specific severities or a range of severities.


For example, you can enter 5, 6, 7 (as comma separated specific severities), or 5-10 (as a range).


Note: The minimum value of severity level is set to 4.

Show OS Hostname

Allows you to show or hide the OS Hostname.


For example, you can select Yes if you want the OS Hostname to be shown, or No if you want it to be hidden.

Show Asset ID

Allows you to show or hide the Asset ID.


For example, you can select Yes if you want the Asset ID to be shown, or No if you want it to be hidden.

Show Host Service

Allows you to show or hide the service tag of the scanned hosts.


For example, you can select Yes if you want the Host Service to be shown, or No if you want it to be hidden.

Show Ignored Vulnerabilities

Allows you to show or hide the ignored vulnerabilities.


For example, you can select Yes if you want the Ignored Vulnerabilities to be shown, or No if you want it to be hidden.

Detection Filters

Allows you to set the detection filters for reopened, ignored, and disabled vulnerabilities.


For example, you can click Show under Detection Filters, then select the Yes or No option for each of the vulnerabilities (reopened, ignored, and disabled). Click Hide if you want all the detection filters hidden.

QDS Score Filters

Allows you to set the QDS score filters based on the minimum and maximum values for detecting records.


For example, you can click Show under QDS Score Filters, then enter the required values in the Minimum QDS Value and Maximum QDS Value fields. Click Hide if you want all the QDS score filters hidden.


Note: The minimum value of QDS score is set to 90.

Host Filters

Allows you to set the host filters, such as host IDs/range of host IDs, minimum and maximum host ID values, IP addresses range, and so on.


For example, you can click Show under Host Filters, then enter the required values in the host filter fields, such as Host IDsNetwork IDs. Click Hide if you want all the host filters hidden.

Asset Tag Filters

Allows you to set the asset tag filters based on tag IDs, selected tags, and so on.


For example, you can click Show under Asset Tag Filters, then enter the required values in each of the asset tag filter fields, or select the required option for each of the asset tag filter dropdowns. Click Hide if you want all the asset tag filters hidden.

Set trigger condition

Allows you to process the trigger events matching specific conditions.


For example, enable the Set trigger condition toggle. Then, set the required trigger conditions using the ANDOR options.


Configure the date and time filter

Additionally, note the following while configuring the When first started, this recipe should pick up events from filter.

  • This field allows you to set a start date and time, ensuring that only records created or updated after this date and time are processed.

  • If not specified, the default behavior is used for fetching records (for example, fetching vulnerabilities created or updated one hour ago).

  • This field cannot be edited after the recipe is started or tested.



Important:

  • Avoid processing old data, if you want only the new data from a specific time period onwards.

  • Backfill historical data, if you want to start processing data from a specific past date.

  • Prevent duplicate processing of data to ensure the recipe does not pick up outdated records.


Condition

This component acts as a checkpoint within the recipe flow and executes a specific set of actions based on the matched condition.


Here, the recipe checks if a new vulnerability is created or an existing vulnerability is updated in Qualys. Accordingly, an incident is created or updated in Freshservice.


You can check and edit the data fields and conditions.


Action

The recipe performs a specific set of actions based on the conditions met. For example, the recipe creates or updates an incident in Freshservice for a new or existing vulnerability in Qualys.


You can customize the following parts of the action:

  • Perform any action from the existing set of available actions.

  • Map the default vulnerability fields from Qualys with the corresponding default fields or custom fields in Freshservice. Note that most of the vulnerability fields from Qualys are mapped to the default field descriptions in Freshservice.

  • Add more fields from the available set of optional fields.


After customizing a recipe, you can save or test it to ensure it's working correctly.


Check failed recipe or jobs

To view and troubleshoot failed jobs under a recipe, follow these steps:


  1. Click Preview next to a specific recipe on the Recipes page.

  2. Go to Jobs.

  3. View a list of all the jobs executed under a particular recipe.

  4. Filter the failed jobs using the All statuses filter.

  5. Click a failed job to view the error details and identify the cause of failure.

  6. Resubmit the job after your review to fix the issue.



Note: For information on frequently asked questions (FAQs) related to the Connector Apps in Freshservice, see Connector Apps: Frequently Asked Questions (FAQs).