reason of rating

[MAngel666]

it would be nice to know, what was the reason for a score. I mean, if I use --warn B --crit C and the check is "CRITICAL" or "WARNING" then it would be nice to know what is the reason not beeing A. It is possible to get such information with the API of Qualys?
(it is more feature request than issue)

[philfry]

Even though having this kind of information shown in nagios/icinga/… could be useful, I'd say "no" due to several reasons:

• the perfdata/status length in nagios/icinga/nrpe and others is limited. I don't know what exact length is allowed, but I played around with "more verbose" checks and perfdata a while ago and ran into that limit (fwiw, nrpe has or had a limit or 1kb). If this changed in the meantime, fine. Then this argument would be invalid.
• not getting an A-grade can have several reasons. I believe it's not wise to have – in worst case – dozens of informations in a tiny result field, instead of just looking at the ssltest webpage to see what's wrong.
• the information is simply not (fully) provided by the api. Even though there are some hints like "vulnBeast": true, the list is incomplete and needs interpretation (i.e. accepting which ciphers would lead to downgrade etc.), which would be overkill for this (simple) check scripts.
• the required information is not provided at all when checking cached results.

[MAngel666]

the status field in icinga2 seems to be much bigger than in icinga/nagios etc... It would be still nice to have some more information there. It could be an "verbose" version of the status... A lot of checks has a verbose version of the output :)