Vulnerability Remediation

Service Check

The following command checks if the Qualys vulnerability service is currently running or not.

Linux:

sudo /opt/armor/armor vuln service-check

Windows:

c:\.armor\opt\armor.exe vuln service-check

Service Restart

The following command restarts the Qualys vulnerability service.

Linux:

sudo /opt/armor/armor vuln service-restart

Windows:

c:\.armor\opt\armor.exe vuln service-restart

Run Sync Job

The following command runs a sync job which persists the Qualys HostId of a VM in Armor database.

Linux:

sudo /opt/armor/armor vuln sync-agent-id

Windows:

c:\.armor\opt\armor.exe vuln sync-agent-id

Uninstall And Install The Qualys Agent

The following commands uninstall and install the Qualys agent freshly and assigns new HostId to the VM.

Linux:

sudo /opt/armor/armor vuln uninstall
sudo /opt/armor/armor vuln install

Windows:

c:\.armor\opt\armor.exe vuln uninstall
c:\.armor\opt\armor.exe vuln install

Using Toolbox To Issue The Above Commands

To issue Qualys agent service commands using the Toolbox utility in Nexus or the legacy Armor Management Portal (AMP), follow these steps:

1. In Nexus, hover over Security Posture in the left navigation menu.

2. Click on Endpoint, then select Toolbox.

3. Then click on Schedule Task

4. Choose Vulnerability Management as the product.

   1. This will display available operations for the Qualys agent.

5. Select the desired Operation (e.g., Restart Vulnerability Service).

6. Then click Select VMs button to choose the VM instances where the task will run.

7. After selecting VMs, return to the task screen.

8. Configure if the task will execute either at the next Armor agent heartbeat or a selected future date.

9. Click on Schedule Task

10. After scheduling the task, allow some time for it to complete. Then, return to the Toolbox screen to review the task’s status and details.