Search GCP Resources
Click here to see this page in full context


Home

Searching for GCP Resources

Use the search tokens below to search for resources discovered. You'll need to first choose cloud provider on the Resources tab to see the relevant tokens for your environment. Looking for help with writing your query? click here

General

account.idaccount.id

Use a text value ##### to show resources based on the unique account ID associated with the connector/ARN at the time of creation.

Example

Show findings with this account ID

account.id: 205767712438

account.aliasaccount.alias

Use a text value ##### to show connectors based on the account alias associated with the connector/ARN at the time of creation.

Example

Show connectors with this account alias

account.alias: Example_connector

subscriptionNamesubscriptionName

Use a text value ##### to find Azure connectors based on the subscription name associated with the connector at the time of creation.

Example

Show connectors with this subscription name

subscriptionName: Sample Cloud Subscription

createdcreated

Use a date range or specific date to define when the resource was created.

Examples

Show resources created within certain dates

created: [2018-01-01 ... 2018-03-01]

Show resources created starting 2018-10-01, ending 1 month ago

created: [2018-01-01 ... now-1m]

Show resources created starting 2 weeks ago, ending 1 second ago

created: [now-2w ... now-1s]

Show resources created on specific date

created: 2018-01-08

updatedupdated

Use a date range or specific date to define when the resource was last updated.

Examples

Show resources updated within certain dates

updated: [2018-01-01 ... 2018-03-01]

Show resources updated starting 2018-10-01, ending 1 month ago

updated: [2018-01-01 ... now-1m]

Show resources updated starting 2 weeks ago, ending 1 second ago

updated: [now-2w ... now-1s]

Show resources updated on specific date

updated: 2018-01-08

namename

Use backticks to help you find the exact match of the resource name you're looking for.

Examples

Show any findings with this name

name: my-resource

Show all the findings that exactly match with this name

name: `my-resource`

providerprovider

Select the name of the cloud service provider you're interested in. Select from names in the drop-down menu.

Example

Find resources synced from Amazon AWS

provider: AWS

regionregion

Select the name of the region you're interested in. Select from names in the drop-down menu.

Example

Find resources in the Singapore region

region: Singapore

resource.idresource.id

Use a text value ##### to find resources by the unique ID assigned to the resource.

Example

Show resources with ID acl-8e5198f5

resource.id: acl-8e5198f5

resource.typeresource.type

Select the type of resource you're interested in. Select from names in the drop-down menu.

Example

Show resources of type Instance

resource.type: Instance

tag.keytag.key

Use a text value ##### to define the key of an AWS or Azure tag assigned to the resource (case sensitive).

Example

Show findings with key Department

tag.key: Department

tag.valuetag.value

Use a text value ##### to define the value of an AWS or Azure tag assigned to the resource (case sensitive).

Example

Show findings with tag value Finance

tag.value: Finance

tags.nametags.name

Use values within quotes or backticks to help you find the resources with the specified tag you're looking for.

Example

Show any findings that contain "network" and "blue" in name

tags.name: "network blue"

Show any findings that contain "network" or "blue" in name (another method)

tags.name: "network" OR tags.name: "blue"

Show any findings that match exact value "Cloud Agent"

tags.name: "Cloud Agent"

andand

Use a boolean query to express your query using AND logic.

Example

Show findings with account ID 205767712438 and type Subnet

account.id: 205767712438 and resource.type: Subnet

notnot

Use a boolean query to express your query using NOT logic.

Example

Show findings that are not resource type Instance

not resource.type: Instance

oror

Use a boolean query to express your query using OR logic.

Example

Show findings with one of these tag values

tag.value: Finance or tag.value: Accounting

projectIdprojectId

Use a text value ##### to find GCP resources with a certain project Id.

Example

Show resources with this projectId

projectId: my-project-1513669048551

label.namelabel.name

Use a text value ##### to define the name of GCP label assigned to the resource (case sensitive). 

Example

Show findings with name Environment

label.key: Environment

label.valuelabel.value

Use a text value ##### to define the value of GCP label assigned to the resource (case sensitive).

Example

Show cloud functions with certain label value

label.value: test-environment

GCP: VM Instances

These tokens are available in queries with resource.type:VM Instances

instance.machineTypeinstance.machineType

Select the name of the instance machine type you are interested in.  Select the machine type from the drop-down menu.

Example

Show resources with g1-small virtual network type

instance.machineType: g1-small

connector.remediationEnabledconnector.remediationEnabled

Use  true to view the resources associated with the connector for which remediation is enabled.

Example

Show resources associated with the connector for which remediation is enabled

connector.remediationEnabled: TRUE

action.statusaction.status

Select the action status ("Sucess", "Queued", "Error") you're interested in. Select from names in the drop-down menu.

Example

Show resources with success status for remediation action

action.status: Success

instance.networkInterfaces.networkinstance.networkInterfaces.network

Use a text value ##### to find network interfaces of instances that belong to the specified network.

Example

Show resources with default network

instance.networkInterfaces.network: default

instance.networkInterfaces.subnetworkinstance.networkInterfaces.subnetwork

Use a text value ##### to find network interfaces of instances that belong to the specified subnetwork.

Example

Show resources with default subnetwork

instance.networkInterfaces.subnetwork: default

instance.externalIpAddressinstance.externalIpAddress

Use a text value ##### to find instances that belong to the specified external IP address.

Example

Show resources with specified external IP address

instance.externalIpAddress: 52.70.141.154

instance.privateIpAddressinstance.privateIpAddress

Use a text value ##### to find instances that belong to the specified private IP address.

Example

Show resources with specified private IP address

instance.privateIpAddress: 10.90.0.119

instance.statusinstance.status

Select the status (PROVISIONING, REPAIRING, RUNNING, etc.) of the VM instances you're interested in. Select the required status from the drop-down menu.

Example

Show VM instances with running status

instance.status: RUNNING

instance.agentInstalledinstance.agentInstalled

Use true to view the list of GCP VMs with Qualys Agent installed.

Example

Show VMs with Qualys Agent installed.

instance.agentInstalled: True

GCP:Firewall Rules

These tokens are available in queries with resource.type: Firewall Rules

firewall.networkfirewall.network

Select the name of the instance machine type you are interested in.  Select the machine type from the drop-down menu.

Example

Show networks with this name

firewall.network: default

GCP:Network

These tokens are available in queries with resource.type:Networks

network.subnetworksnetwork.subnetworks

Use a text value ##### to find subnetworks within a network.

Example

Show networks with default value

network.subnetworks: default

GCP:SubNetwork

These tokens are available in queries with resource.type:Subnetworks

subnetwork.networksubnetwork.network

Use a text value ##### to find networks within a subnetwork.

Example

Show subnetworks with default value

subnetwork.network: default

subnetwork.ipCidrRangesubnetwork.ipCidrRange

Use a text value ##### to find subnetworks with certain ip cidr range.

Example

Show subnewtorks with specified cidr range

subnetwork.ipCidrRange: 10.170.0.0/20

GCP: Cloud Function

These tokens are available in queries with resource.type: Cloud Function

cloudFunction.timeoutcloudFunction.timeout

Use a text value ##### to find cloud functions based on timeout values.

Example

Show cloud functions with specified timeout value

cloudFunction.timeout: 60s

cloudFunction.memorycloudFunction.memory

Use a text value ##### to find cloud functions based on the available memory. You can specify values in MB.

Example

Show cloud functions with 128 MB available memory.

cloudFunction.memory: 128

cloudFunction.runtimecloudFunction.runtime

Use a text value ##### to find cloud functions based on the programming language they are written in.

Example

Show cloud functions with go111 language

cloudFunction.runtime: go111

cloudFunction.maxInstancescloudFunction.maxInstances

Use a text value ##### to find cloud functions based on the number of maximum instances to which cloud-function can be scaled.

Example

Show cloud functions that can take up maximum 2 instances

cloudFunction.maxInstances: 2

cloudFunction.ingressSettingscloudFunction.ingressSettings

Use a text value ##### to find cloud functions based on ingress-settings of cloud-function.

Example

Show cloud functions that allow all the ingress traffic

cloudFunction.ingressSettings: ALLOW_ALL

cloudFunction.versionIdcloudFunction.versionId

Use a text value ##### to find cloud functions based on the versionId of cloud-functio.

Example

Show cloud functions with specific version Id

cloudFunction.versionId: 2

cloudFunction.serviceAccountEmailcloudFunction.serviceAccountEmail

Use a text value ##### to find cloud functions with the specified service-account email. Ensure that you surround the search value within double quote.

Example

Show cloud functions with certain service-account email

cloudFunction.serviceAccountEmail: "project-151@appspot.gserviceaccount.com"

cloudFunction.vpcConnectorcloudFunction.vpcConnector

Use a text value ##### to find cloud functions based on name of the VPC connector associated with the cloud-function.

Example

Show cloud functions with specified VPC name

cloudFunction.vpcConnector: sampleVPC

cloudFunction.triggercloudFunction.trigger

Use a text value ##### to find cloud functions based on the trigger-service used to trigger the execution of the cloud-function. Ensure that you surround the search value within double quotes..

Example

Show cloud functions with specified trigger-service

cloudFunction.trigger: "storage.googleapis.com"

cloudFunction.statuscloudFunction.status

Use a text value ##### to find cloud functions based on the status.

Example

Show cloud functions with active status

cloudFunction.status: ACTIVE

cloudFunction.label.keycloudFunction.label.key

Use a text value ##### to find cloud functions based on the label key.

Example

Show cloud functions with certain label keys

cloudFunction.label.key: environment

cloudFunction.label.valuecloudFunction.label.value

Use a text value ##### to find cloud functions based on the label value.

Example

Show cloud functions with certain label value

cloudFunction.label.value: test-environment

 

Was this topic helpful?

success Thank you! We're glad to hear that this topic was useful.
success We appreciate your feedback. We'll work to make this topic better for you in the future.