c77b4b22eb
fix(qualys): API 2.0 confirmee (3.0 OTHER_ERROR car endpoint inexistant, 5.0 INVALID_API_VERSION) + body XML + mapping field user-friendly vers nom Qualys (hostname->name, fqdn->dnsHostName, ip->address) - cause racine 401 = mot de passe API expire
2026-05-05 16:56:56 +02:00
cadef89c50
fix(qualys): repasse en API 3.0 (5.0 ne supporte pas l objet hostasset, INVALID_API_VERSION). 12+3+1 endpoints qps/rest revenus en 3.0
2026-05-05 16:48:59 +02:00
5c402e5b63
fix(qualys): extrait responseCode/errorMessage/errorResolution du XML Qualys dans le message d erreur (au lieu de tronquer 200 chars du XML brut)
2026-05-05 16:46:16 +02:00
e7eecf0346
fix(qualys): search_assets_api utilise XML body au lieu de JSON (API 5.0 attend XML, JSON donnait 400). Message d erreur enrichi avec le debut de la reponse
2026-05-05 16:43:22 +02:00
37faba382e
fix(qualys): migration API 2.0 EOL -> 5.0 (auth refusee en 2.0 INVALID_CREDENTIALS, OK en 5.0). 12+3+1 endpoints qps/rest mis a jour
2026-05-05 16:40:34 +02:00
dc9c197274
fix(qualys/dashboard): timeout 120s->300s + log erreurs sur _fetch_asset_ids_by_tag (manque ENV-PRD/REC sur gros tags)
2026-04-27 23:00:58 +02:00
5ec5271232
perf(qualys/dashboard): parallelise fetch vulns par batch IPs (8 workers, ~18min -> ~3min)
2026-04-27 17:15:44 +02:00
0d4ce6dfc2
feat(qualys/duplicates): scan filtre Linux+Windows Server uniquement (~1200 vs 6244)
2026-04-25 19:56:23 +00:00
6c52d05393
fix(qualys/duplicates): renomme cle items -> groups (conflit Jinja avec dict.items)
2026-04-25 10:49:53 +00:00
e832381b68
feat(qualys/duplicates): filtre serveurs uniquement (exclut Win 10/11/7/8/XP postes)
2026-04-25 10:23:14 +00:00
3d043af194
feat(qualys): page doublons + suppression API Qualys 1-clic
2026-04-25 10:17:40 +00:00
8f406f211d
feat(qualys/dashboard): compute v2 - interroge API Qualys par tag (DB locale qualys_asset_tags souvent obsolete)
2026-04-25 00:42:29 +00:00
0ab4f2d8fa
fix(qualys/dashboard): vire flag in-memory + safety net thread + flex layout 6 KPI
2026-04-25 00:13:22 +00:00
9a7f446637
fix(qualys/dashboard): insert pending row dans la route avant spawn thread (no race)
2026-04-25 00:07:22 +00:00
8f8e8c4d8f
feat(qualys): dashboard vulnerabilites avec KPI + historique
2026-04-24 23:49:46 +00:00
c258d6091a
fix(qualys): resync_all_tags HTTP 400 - limitResults 10000 trop grand, capper a 1000
...
Qualys QPS API rejette limitResults au-dela de 1000 (HTTP 400 Bad Request).
Aligne sur les autres requetes du service (5, 20, 100, 200, 1000) et sur
qualys_tags_service.list_qualys_tags qui utilise deja 1000.
Reproductible via /qualys/tags > bouton Resync (msg=resync_ko_HTTP+400).
2026-04-23 12:19:31 +00:00
617bf94e31
Qualys agents sync: optims perf majeures (~3-5x plus rapide)
...
Refactor _refresh_all_agents_impl() avec 4 optimisations:
1. Pre-chargement des servers en dict Python au debut (hostname + IP)
-> elimine 2 queries SQL par asset (gain principal)
2. UPSERT 'INSERT ... ON CONFLICT DO UPDATE' + RETURNING (xmax=0)
-> une seule query au lieu de SELECT + INSERT/UPDATE
-> compte created/updated via xmax
3. HTTP Session reutilisee (requests.Session)
-> keep-alive, pas de handshake SSL a chaque page
4. ThreadPoolExecutor(5) pour executer les 5 filtres tagName en parallele
-> dedup par asset_id pour eviter traitement double
Bonus:
- max_pages 30 -> 500 par filtre (evite syncs incomplets silencieux)
- FQDN backfill cible via cache 'servers_need_fqdn' (pas d'UPDATE inutile)
- Commit unique en fin de traitement (suppression savepoint par asset)
- Retrait age-check redondant en mode diff (deja filtre cote API)
2026-04-16 23:34:51 +02:00
79a2cc896e
Qualys diff: format ISO sans microsec YYYY-MM-DDTHH:MM:SSZ (compat API QPS)
2026-04-15 14:28:57 +02:00
7924e64616
Qualys diff: filtre 'updated' (searchable) au lieu de 'lastCheckedIn' (non recunu API)
2026-04-15 14:06:27 +02:00
0ebf72d789
Qualys diff sync: sauve le timestamp DES LE DEBUT (resilient si annulation)
2026-04-15 13:29:36 +02:00
935c8003b4
Qualys sync: retry 3x avec backoff sur erreurs transitoires proxy/reseau
2026-04-15 12:44:49 +02:00
a62f9a4146
Qualys sync dual mode: diff (rapide, lastCheckedIn) + full (complet)
...
- refresh_all_agents accepte mode='diff'|'full' (defaut diff)
- Mode diff: filtre Qualys lastCheckedIn > qualys_last_diff_sync (settings)
- Mode full: pull tous les assets (comme avant)
- Skip early-exit en diff si dernier diff < 5 min
- 2 boutons UI: 'Sync rapide (diff)' et 'Sync complete'
- JS refreshAgents(mode) passe le mode en query param
2026-04-15 12:33:48 +02:00
55f81de986
Qualys sync: fallback matching par IP integrer si hostname ne match pas
2026-04-15 12:25:27 +02:00
1a1af9e28a
Qualys sync multi-pass: filtres SRV/server/SED/SEI/EMV pour couvrir tags heterogenes
2026-04-15 12:17:02 +02:00
105a756008
Qualys hostname: retour a priorite name (sauf IP/localhost/vide), fqdn/netbios en fallback
2026-04-15 01:38:56 +02:00
c7291d3e6d
Qualys _parse_assets_full: hostname FQDN > NetBIOS > name (fix aussi cette fonction)
2026-04-15 01:20:28 +02:00
71260e20c3
Qualys sync: hostname depuis FQDN > NetBIOS > name (evite troncature display name)
2026-04-15 01:11:08 +02:00
7eb56bc9cd
Qualys sync: filtre SRV au lieu de server (matche OS-WIN-SRV/OS-LIN-SRV DYN SANEF v3)
2026-04-15 01:00:37 +02:00
7b87074faa
Qualys page size 100
2026-04-14 16:58:03 +02:00
d15db654d4
Qualys: activation keys lazy (no API on page load if cache empty)
2026-04-14 16:24:45 +02:00
49b1865d13
Qualys page size 250 (lower timeout risk)
2026-04-14 16:19:29 +02:00
67287b8256
Qualys: cancel button for ongoing refresh
2026-04-14 16:12:44 +02:00
1bfdb16bfb
Qualys: actkeys cache 24h + refresh timeout 600s
2026-04-14 16:07:25 +02:00
07775a385f
Qualys activation keys: short timeout (5s)
2026-04-14 16:07:03 +02:00
347ea53c27
Qualys skip threshold: 5 min -> 40 min
2026-04-14 15:56:41 +02:00
ec90a4a9d1
Qualys: reduce refresh page size to 500
2026-04-14 15:55:35 +02:00
6db58952ec
Qualys refresh: early exit if no stale assets (< 5 min)
2026-04-14 15:48:41 +02:00
f66d728d2d
Qualys timeout 300s for bulk hostasset search
2026-04-14 15:37:50 +02:00
d24afa37b2
Qualys refresh: skip assets updated within last 5 minutes
2026-04-14 15:32:01 +02:00
d779426118
Bump Qualys page size back to 1000
2026-04-14 15:21:04 +02:00
71f83d5d4f
Qualys refresh: threading lock + 409 if already running
2026-04-14 15:20:17 +02:00
67f123e9f5
Qualys refresh: pagination + per-row savepoint to isolate errors
2026-04-14 15:13:48 +02:00
a422894f83
Sync Qualys FQDN to servers + use fqdn first for DNS resolution
2026-04-14 15:00:40 +02:00
92175992f8
Qualys: tagName + CONTAINS (API field, not UI syntax)
2026-04-14 14:53:54 +02:00
a19281a771
Qualys filter: CONTAINS instead of EQUALS for tag
2026-04-14 14:48:29 +02:00
a331d16a12
Qualys filter: tags.name instead of tagName
2026-04-14 14:47:48 +02:00
8dba0706b0
Filter Qualys agent refresh on tag name=server
2026-04-14 12:18:43 +02:00
4fa5f67c32
Qualys agents: bouton Rafraichir + cron 6h
...
- refresh_all_agents(): bulk sync tous les assets depuis API Qualys QPS
- Bouton "Rafraîchir depuis Qualys" sur la page agents
- Cron toutes les 6h: refresh_agents.py (prod + demo)
- Message de confirmation après refresh
2026-04-11 21:56:59 +02:00
Khalid MOUTAOUAKIL
29a377887f
KPI agents Qualys: actifs/inactifs/sans agent sur dashboard + page Agents avec liste détaillée
...
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-07 00:01:57 +02:00
Khalid MOUTAOUAKIL
c139dfbaa2
Cache mémoire 10min pour Qualys API, bouton Resync temps réel, page Agents (activation keys + versions)
...
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-06 23:04:48 +02:00
