Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.


  • Pull the list of Hosts/devices managed by ePO
  • Determine the list of devices not managed by ePO (potentially considered rogue)
  • Push devices that are not managed by ePO into ePO server and add them to Rogue Detection Systems.
  • McAfee Server => Dashboards => RSD Summary displays Rogue Systems.

For further Information:

Lumeta Spectre Extension to McAfee ePO =>



Qualys and Vulnerability Management


  1. This  This integration will run at scheduled feed interval.
  2. Each time this integration is run, it will check for asset group LUMETA_ESI_DISCOVERED and update this asset group with latest data (As oppose to IPSonar where each time a report is generated, a new asset group is created)
  3. Currently, we overwrite asset group with updated ips each time we run a feed
  4. Please make sure that the user configured on Settings=>Integrations=>Qualys Integration page has Manager access on Qualys server.
  5. Spectre gets two lists from Qualys: IPs subscribed by Qualys and IPs scanned or managed by Qualys (this list is generated from LUMETA_ESI_DISCOVERED Asset group)
  6. User-enabled Qualys Integration
    1. Subscribed IPs are ingested from Qualys server into qualys_subscribed_ips table.
    2. ALL IPs currently scanned by Qualys are ingested into qualys_scanned_ips_raw table.
  7. When autosubscribe is ON:
    1. Push back to Qualys subscribed list "IPs Unmanaged by Qualys"
    2. Create a list of IPs that are in Qualys subscribed List but not in Qualys managed list.
  8. When autosubscribe is OFF:
    1. Find a list of IPs common between Qualys managed list and ESI discovered list.
    2. Create a list of IPs currently in subscribed list which is not in above list. 
  9. Create an asset group: LUMETA_ESI_DISCOVERED
  10. Push the above list in Asset Group.

Qualys & Vulnerability Management =>