Schedule a Call
Schedule a Call

← Back to All Workflows

Automate Qualys Report Generation and Slack Notifications with n8n

This workflow automates fetching, launching, monitoring, and downloading security reports from Qualys, then posting them to Slack. It solves manual delays in report handling and keeps security teams instantly informed with accurate, timely data.
httpRequest
slack
if
+4
Download Workflow Free
Learn how to Build this Workflow with AI:
Workflow Identifier: 1115
NODES in Use: Set, HTTP Request, XML, SplitInBatches, Wait, IF, Slack

Press CTRL+F5 if the workflow didn't load.

Visit through Desktop for Best experience

Opening Problem Statement

Meet Sarah, a Security Operations Center (SOC) analyst responsible for generating detailed vulnerability reports from Qualys for her team every day. She spends hours manually accessing the Qualys portal, finding the right report template, launching reports, continuously refreshing to check if the report is ready, downloading the files, and finally uploading them to the team’s Slack channel. This tedious process often results in delays, missed updates, and human errors, costing her team valuable time—time better spent on proactive security tasks. Additionally, when Sarah is out or overwhelmed, reports pile up, increasing the risk that critical security insights are overlooked.

This is where our Qualys automated report workflow in n8n shines. It eliminates Sarah’s manual steps by taking over the entire process from report request to Slack notification, saving hours of effort and ensuring the latest security reports are always at the team’s fingertips.

What This Automation Does

Once triggered, this n8n workflow performs the following specific actions:

  • Fetch Available Report Templates: It queries Qualys API to retrieve all available report templates, ensuring the user can select from updated options.
  • Launch Report Generation: Using the selected template, it sends a POST request to Qualys to generate a new report with custom parameters such as title and output format.
  • Monitor Report Status: The workflow checks the report status every minute in a loop until the report is completed, freeing analysts from manual refreshing.
  • Download Completed Report: Once finished, it automatically downloads the latest report data directly from Qualys in the requested format (PDF or HTML).
  • Notify Team Via Slack: The final report is then uploaded to a specific Slack channel, accompanied by detailed metadata like report ID, launch time, and expiration date for transparent team access.
  • Handle Errors and Dynamic Data: Utilizes XML to JSON conversions and dynamic data assignments to shape API responses for smooth operations.

By automating these steps, the team saves potentially 2-3 hours per report cycle, reduces errors, and accelerates response times.

Prerequisites ⚙️

  • n8n account with ability to create workflows
  • Qualys API access with proper API credentials (configured within n8n HTTP Request nodes)
  • Slack workspace and Slack API app with OAuth token to upload files
  • Basic understanding of REST APIs and JSON/XML data formats
  • Optional: Self-hosting environment for n8n, such as provided via Hostinger

Step-by-Step Guide

Step 1: Trigger Workflow Using Slack Modal Submission

This workflow is designed as a sub-workflow triggered externally by a Slack modal form submission handled by a parent workflow named “Qualys Slack Shortcut Bot.” To simulate, a Demo Data node is used that mimics data from Slack including the report title, output format, and template name.

What to do: In n8n, navigate to the workflow and execute the trigger node or use the Demo Data node for testing.

Expected outcome: The workflow receives data and moves it forward for processing.

Step 2: Assign Global Variables

The “Global Variables” node (Set node) is used to assign static or passed data such as the Qualys API base URL (https://qualysapi.qg3.apps.qualys.com), report title, output format, and template name, making this info accessible to subsequent nodes.

Tip: Ensure these variables reflect your actual API endpoint and preferences.

Step 3: Fetch Report Templates from Qualys

The “Fetch Report IDs” HTTP Request node sends a GET request to /msp/report_template_list.php, which fetches all available report templates in XML format.

Details: This is authenticated with pre-defined Qualys API credentials in n8n. Headers and query parameters are set automatically.

Common mistake: Incorrect credentials or endpoint URL cause failures here.

Step 4: Convert XML Response to JSON Format

The “Convert XML To JSON” node parses the raw XML response so that later nodes can easily access the report templates via JSON paths.

Expected result: You see a JSON array of report templates.

Step 5: Launch the Report Generation

The “Launch Report” HTTP Request node issues a POST request to the Qualys /api/2.0/fo/report/ endpoint to launch a scan report based on the selected template.

Configuration highlights:

  • Form-data parameters dynamically set: template_id (fetched by matching template name), output_format, and report_title.
  • Query parameter action=launch instructs the API to start report generation.
  • Header X-Requested-With: n8n is added.
  • Uses Qualys API credential for auth.

Step 6: Convert Report Launch Response XML to JSON

The “Convert Report Launch XML to JSON” node parses the XML confirmation of launch response to extract the report ID for tracking.

Step 7: Enter the Loop to Check Report Status Every Minute

The “Loop Over Items” (SplitInBatches node) combined with the “Wait 1 Minute” node creates a polling mechanism:

  • The workflow pauses for 1 minute.
  • Then, the “Check Status of Report” HTTP Request node sends a GET request to query the report status using the report ID.
  • The response is converted from XML to JSON by “Convert Report List to JSON”.
  • The “Is Report Finished?” If node checks if the “STATE” field is “Finished”.
  • If not finished, the loop repeats via “Loop Over Items” triggering the Wait again.
  • If finished, the loop ends and continues.

Common mistake: Incorrect report ID extraction can break the loop.

Step 8: Download the Completed Report

Once confirmed finished, the “Download Report” HTTP Request node retrieves the full report data from Qualys, specifying action=fetch and the report ID.

The data includes report metadata and file content, ready for distribution.

Step 9: Post the Report to Slack Channel

The “Slack” node uploads the downloaded report as a file to a specific channel, adding a message with key report information such as:

  • Report ID
  • Launch datetime
  • Output format
  • File size
  • Status
  • Expiration datetime

This enables your team to instantly access the latest reports inside Slack.

Customizations ✏️

1. Change Slack Channel for Report Posting
Go to the “Slack” node → Edit the channelId parameter to your desired Slack channel ID. This lets you direct reports to the right team or project channel.

2. Modify Report Output Format
In the “Global Variables” or “Demo Data” node, change the output_format value from pdf to html or others supported by Qualys. This changes the report file type generated.

3. Use Different Report Template
Change the template_name variable in the “Global Variables” node to another template available in your Qualys account. The workflow dynamically looks up the corresponding template ID.

4. Adjust Polling Interval
Modify the “Wait 1 Minute” node’s time unit and amount to poll more or less frequently, depending on your reporting speed needs or API limits.

5. Integrate Additional Notification Channels
Add nodes for email, Microsoft Teams, or SMS to notify more stakeholders when reports are ready by extending the final Slack notification step.

Troubleshooting 🔧

Problem: “401 Unauthorized” error from Qualys API requests.
Cause: API credentials not set correctly or expired.
Solution: Go to n8n Credentials → Update your Qualys API credentials with valid keys. Test the connection by rerunning the fetch node.

Problem: Report status loop never ends and keeps polling indefinitely.
Cause: The “Is Report Finished?” node’s condition is incorrect or report ID is wrong.
Solution: Double-check the JMESPath expressions extracting the report ID and verify the “STATE” field equals “Finished” exactly, case-sensitive.

Problem: Slack node fails to upload report.
Cause: Slack OAuth token lacks file upload permission or incorrect channel ID.
Solution: Reconfigure Slack app permissions and verify channel ID in the Slack node settings.

Pre-Production Checklist ✅

  • Confirm Qualys API credentials by testing the “Fetch Report IDs” node independently.
  • Validate Slack API connectivity and proper channel permissions.
  • Test with Demo Data node to simulate Slack input before connecting to the actual trigger.
  • Verify that XML to JSON conversions are correctly parsing data by inspecting intermediate node outputs.
  • Ensure the report template name used in variables matches one of the template titles fetched to avoid launch failures.
  • Check error handling setup in n8n to catch failed API calls and log appropriately.

Deployment Guide

To deploy this workflow, activate it within your n8n account. If integrated with the Slack Shortcut Bot parent workflow, ensure it is correctly triggering this sub-workflow on modal submission.

Monitor execution logs in n8n for any failures or hanging runs. You may want to schedule downtime maintenance or update API tokens periodically for smooth operation.

This workflow is suitable for both cloud-hosted and self-hosted n8n setups, depending on your organizational requirements and data security policies.

FAQs

Q: Can I use a different messaging platform instead of Slack?
A: Yes, you can replace the Slack node with other messaging nodes like Microsoft Teams or email, but you’d need to adapt the message format accordingly.

Q: Does this workflow consume Qualys API credits?
A: Each API request counts towards your Qualys API usage quota, so monitor your allotment to prevent issues.

Q: Is the data transmitted to Slack secure?
A: Slack uses encryption for data in transit and at rest; ensure your Slack workspace complies with your security policy.

Q: Can this workflow handle multiple simultaneous report requests?
A: Yes, but you should monitor API rate limits and adjust polling intervals or batch sizes to maintain efficient processing.

Conclusion

By following this detailed guide, you’ve automated the entire process of generating, monitoring, and delivering Qualys security reports directly to Slack. This automation saves your security team hours per report, eliminates manual errors, and ensures timely updates critical for fast incident response.

Looking ahead, consider expanding this workflow to include automatic remediation ticket creation in systems like Jira, or incorporate AI-based analysis summaries for quick report insights. You’ve now built a vital tool that raises your SOC’s operational efficiency and responsiveness.

Keep exploring n8n’s extensive capabilities to automate repetitive security workflows and empower your team to focus on what matters most.

Learn by Category

Sales →
Productivity →
Social →
Finance →
Marketing →
Content→
Recruitment →
Security →
SEO →
CRM →
Development →
Ecommerce →

Related Workflows

Automate Viral UGC Video Creation Using n8n + Degaus (Beginner-Friendly Guide)

Learn how to automate viral UGC video creation using n8n, AI prompts, and Degaus. This beginner-friendly guide shows how to import, configure, and run the workflow without technical complexity.
Form Trigger
Google Sheets
Gmail
+37
Free

AI SEO Blog Writer Automation in n8n (Beginner Guide)

A complete beginner guide to building an AI-powered SEO blog writer automation using n8n.
AI Agent
Google Sheets
httpRequest
+5
Free

Automate CrowdStrike Alerts with VirusTotal, Jira & Slack

This workflow automates processing of CrowdStrike detections by enriching threat data via VirusTotal, creating Jira tickets for incident tracking, and notifying teams on Slack for quick response. Save hours daily by transforming complex threat data into actionable alerts effortlessly.
scheduleTrigger
httpRequest
jira
+5
Free

Automate Telegram Invoices to Notion with AI Summaries & Reports

Save hours on financial tracking by automating invoice extraction from Telegram photos to Notion using Google Gemini AI. This workflow extracts data, records transactions, and generates detailed spending reports with charts sent on schedule via Telegram.
lmChatGoogleGemini
telegramTrigger
notion
+9
Free

Automate Email Replies with n8n and AI-Powered Summarization

Save hours managing your inbox with this n8n workflow that uses IMAP email triggers, AI summarization, and vector search to draft concise replies requiring minimal review. Automate business email processing efficiently with AI guidance and Gmail integration.
emailReadImap
vectorStoreQdrant
emailSend
+12
Free

Automate Email Campaigns Using n8n with Gmail & Google Sheets

This n8n workflow automates personalized email outreach campaigns by integrating Gmail and Google Sheets, saving hours of manual follow-up work and reducing errors in email sequences. It ensures timely follow-ups based on previous email interactions, optimizing communication efficiency.
googleSheets
gmail
code
+5
Free
Load More