Search Asset Jobs
Provide the asset IP address to find the asset by the specified IP.
Example
Show assets with the IP 10.115.126.240
asset.address: 10.115.126.240
Use an integer value ##### to find all results with an asset's UUID of interest.
Examples
Show all results with this asset UUID
asset.agentId:`21`
Use quotes or backticks within values to find all results that have the specified word in the asset name.
Example
Show all results that contain parts of this asset name
asset.name: windows02
Use an integer value ##### to find all results with an asset ID of interest.
Examples
Show all results with this asset ID
asset.id:`21`
Use quotes or backticks within values to find all results that have the specified word in their agent name.
Examples
Show all results that contain parts of this agent name
agent.name:"O365unix"
Show all results that match exact value "unixrun"
agent.name:`unixrun`
durationInMillisdurationInMillis
Use a text value ##### to find jobs that completed within the specified time or time range.
Example
Show jobs that completed within 100 to 460 seconds:
durationInMillis: [100 .. 460]
Show jobs that completed in 1200 seconds:
durationInMillis: 1200
executionStartTimeexecutionStartTime
Use a text value ##### to find jobs that executed at the specified date and time. You must provide the date in the 'YYYY-MM-DDTHH:mm:ss.sss' format. This QQL also supports the following operators:.
>=, >, <, =>
Provide the value within quotes to get the exact match.
Example
Show jobs that were executed on September 21 at 3:30:
executionStartTime:"2022-09-21T13:30:00.000"
return.code.descriptionreturn.code.description
Fetch asset jobs that contain the specified return code description.
Example
Show asset jobs with the return code description Application Uninstalled
return.code.description: Application Uninstalled
You can see autocomplete suggestions for all relevant return code descriptions while typing the query. These suggestions are job-specific.
Use an integer value ##### to fetch asset jobs that contain the specified return code.
Example
Show asset jobs with the return code 2
return.code: 2
Use quotes or backticks within values to find all results that have the specified word in the script name.
Examples
Show all results that contain parts of this script name
script.name:"O365unix"
Show all results that match exact value "unixrun"
script.name:`unixrun`
Use a text value ##### to find all results that have the specified script type (Powershell, Perl, Python, Shell, Lua).
Examples
Show results with this script type
script.type:Shell
script.categoryscript.category
Use a text value ##### to find all results that have the specified script category. Categories include DATA BACKUP, DATA COLLECTION, GENERAL AUTOMATION and so on.
Examples
Show results with this script category
script.category:GENERAL AUTOMATION
Use a text value ##### to find all results with the specified status of the asset job. Values include EXECUTION FAILED, EXECUTION FAILED, MANIFEST_ASSIGNED and so on.
Example
Show asset jobs with the status EXECUTION FAILED
status: EXECUTION FAILED
Use a boolean query to express your query using AND logic.
Example
Show results created by John
user: `JOHN` and activity: `CREATE`
Use a boolean query to express your query using NOT logic.
Example
Show activity logs that are not rejected
user: `admin` not activity: `REJECT`
Use a boolean query to express your query using OR logic.
Example
Show results with one of these categories
user: `admin` or activity: `APPROVE`