Skip to content

Commit 4d649f9

Browse files
committed
docs: add CSV format handling and data cleaning details to Qualys VMDR docs
Document the non-standard CSV format, multi-line record support, metadata line detection, HTML stripping, and null marker filtering. Authored by T. Walker - DefectDojo
1 parent 431cafa commit 4d649f9

File tree

1 file changed

+14
-0
lines changed

1 file changed

+14
-0
lines changed

docs/content/supported_tools/parsers/file/qualys_vmdr.md

Lines changed: 14 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -128,6 +128,20 @@ The parser creates Endpoint objects from IP addresses:
128128
- Multiple IPv4 addresses (comma-separated) create multiple endpoints
129129
- Falls back to IPv6 if no IPv4 address is present
130130

131+
### CSV Format Handling
132+
133+
Qualys VMDR exports use a non-standard CSV format where each row is wrapped in outer quotes and fields are delimited by `,""` instead of standard `","`. The parser automatically detects and handles both standard and non-standard CSV formats.
134+
135+
**Multi-line records:** Qualys fields such as Results and Threat may contain embedded newlines. The parser correctly assembles multi-line records that span multiple lines in the CSV file, including records containing malformed quote patterns in fields like Results.
136+
137+
**Metadata lines:** Some Qualys exports include 3 metadata lines (report title, date range, column count) before the header row. The parser auto-detects whether metadata is present and skips it accordingly.
138+
139+
### Data Cleaning
140+
141+
- **HTML tags** in fields like Threat (mapped to impact) are stripped automatically
142+
- **Qualys null markers** (`'-`) are filtered and treated as empty values
143+
- **Stray quotes** left by the non-standard CSV format are cleaned from field values
144+
131145
### Format Detection
132146

133147
The parser automatically detects whether the import file is QID format or CVE format by examining the first column of the header row:

0 commit comments

Comments
 (0)