The template attached to the post is used in the third use case (security events response) on the video. It requests Qualys to scan an asset in case of security events: DNS Firewall hit or DNS Tunneling detection.
Extensible attributes (Qualys_Scan, Qualys_Scan_Option, Qualys_Scanner) are required and should be defined on a network or range level (depends on an event type):
- Qualys_Scan - perform a scan in case of a security event;
- Qualys_Scan_Option - use a scan option defined in this EA for scans;
- Qualys_Scanner - use a scanner appliance defined in this EA.
You can use attached php script to create these EAs (do not forget to update $NIOS_baseURL, $NIOS_User, $NIOS_PWD, $data variables based on your configuration).