Searching Asset Jobs
Click to view navigation pane


Searching Asset Jobs

andand

Use a boolean query to express your query using AND logic.

Example

Show results created by John

user: `JOHN` and activity: `CREATE`

asset.addressasset.address

Provide the asset IP address to find the asset by the specified IP.

Example

Show assets with the IP 10.115.126.240

asset.address: 10.115.126.240

asset.agentIdasset.agentId

Use an integer value ##### to find all results with an asset's UUID of interest.

Examples

Show all results with this asset UUID

asset.agentId:`21`

asset.nameasset.name

Use quotes or backticks within values to find all results that have the specified word in the asset name.

Example

Show all results that contain parts of this asset name

asset.name: windows02

asset.idasset.id

Use an integer value ##### to find all results with an asset ID of interest.

Examples

Show all results with this asset ID

asset.id:`21`

agent.nameagent.name

Use quotes or backticks within values to find all results that have the specified word in their agent name.

Examples

Show all results that contain parts of this agent name

agent.name:"O365unix"

Show all results that match exact value "unixrun"

agent.name:`unixrun`

asset.operatingSystemasset.operatingSystem

Use a text value ##### to find results for certain operating system of the asset.

Examples

Show all results with this operating system

asset.operatingSystem:`WINDOWS`

durationInMillisdurationInMillis

Use a text value ##### to find jobs that completed within the specified time or time range.

Example

Show jobs that completed within 100 to 460 seconds:

durationInMillis: [100 .. 460]

Or,

Show jobs that completed in 1200 seconds:

durationInMillis: 1200

executionStartTimeexecutionStartTime

Use a text value ##### to find jobs that executed at the specified date and time. You must provide the date in the 'YYYY-MM-DDTHH:mm:ss.sss' format. This QQL also supports the following operators:.

>=, >, <, =>

Provide the value within quotes to get the exact match.

Example

Show jobs that were executed on September 21 at 3:30:

executionStartTime:"2022-09-21T13:30:00.000"

return.codereturn.code

Use an integer value ##### to fetch asset jobs that contain the specified return code.

Example

Show asset jobs with the return code 2

return.code: 2

script.namescript.name

Use quotes or backticks within values to find all results that have the specified word in the script name.

Examples

Show all results that contain parts of this script name

script.name:"O365unix"

Show all results that match exact value "unixrun"

script.name:`unixrun`

script.typescript.type

Use a text value ##### to find all results that have the specified script type (Powershell, Perl, Python, Shell, Lua).

Examples

Show results with this script type

script.type:Shell

script.categoryscript.category

Use a text value ##### to find all results that have the specified script category. Categories include DATA BACKUP, DATA COLLECTION, GENERAL AUTOMATION and so on.

Examples

Show results with this script category

script.category:GENERAL AUTOMATION

statusstatus

Use a text value ##### to find all results with the specified status of the asset job. Values include EXECUTION FAILED, EXECUTION FAILED, MANIFEST_ASSIGNED and so on.

Example

Show asset jobs with the status EXECUTION FAILED

status: EXECUTION FAILED

test

notnot

Use a boolean query to express your query using NOT logic.

Example

Show activity logs that are not rejected

user: `admin` not activity: `REJECT`

oror

Use a boolean query to express your query using OR logic.

Example

Show results with one of these categories

user: `admin` or activity: `APPROVE`