Searching for Sensors
Click to view navigation pane


Home

Searching for Sensors

Use the search tokens below to search for sensors. Looking for help with writing your query? click here

activationUuidactivationUuid

Use a text value ##### to find sensors having an activation UUID.

Example

Show findings with this activation UUID

activationUuid: ed46df944e1c

architecturearchitecture

Use a text value ##### to find sensors by the host architecture (amd64, arm64, x86_64).

Example

Show findings with arm64 host architecture

architecture: arm64

cluster.k8s.node.isMastercluster.k8s.node.isMaster

Use the values true | false to find sensors running on the master node.

Example

Show sensors running on the master node

cluster.k8s.node.isMaster: true

cluster.k8s.node.namecluster.k8s.node.name

Use a text value ##### to find sensors by the Kubernetes cluster node name.

Example

Show sensors with this node name

cluster.k8s.node.name: my-node

cluster.k8s.pod.controller.namecluster.k8s.pod.controller.name

Use a text value ##### to find sensors by the Kubernetes cluster pod controller name.

Example

Show sensors with this pod controller name

cluster.k8s.pod.controller.name: my-controller

cluster.k8s.pod.controller.typecluster.k8s.pod.controller.type

Use a text value ##### to find sensors by the Kubernetes cluster pod controller type (DaemonSet).

Example

Show sensors with this pod controller type

cluster.k8s.pod.controller.type: DaemonSet

cluster.k8s.pod.controller.uuidcluster.k8s.pod.controller.uuid

Use a text value ##### to find sensors by the Kubernetes cluster pod controller uuid.

Example

Show sensors with this pod controller uuid

cluster.k8s.pod.controller.uuid: 01234567-89ab-cdef-0123-456789abcdef

cluster.k8s.pod.label.keycluster.k8s.pod.label.key

Use a text value ##### to find containers by a label name (key) assigned to the Kubernetes cluster pod.

Example

Show containers with this pod label name

cluster.k8s.pod.label.key: environment

cluster.k8s.pod.label.valuecluster.k8s.pod.label.value

Use a text value ##### to find containers by a label value assigned to the Kubernetes cluster pod.

Example

Show containers with this pod label value

cluster.k8s.pod.label.value: production

cluster.k8s.pod.namecluster.k8s.pod.name

Use a text value ##### to find sensors by the Kubernetes cluster pod name.

Example

Show sensors with this pod name

cluster.k8s.pod.name: my-pod

cluster.k8s.pod.namespacecluster.k8s.pod.namespace

Use a text value ##### to find sensors by the Kubernetes cluster pod namespace.

Example

Show sensors with this pod namespace

cluster.k8s.pod.namespace: my.namespace.example.com

cluster.k8s.pod.uuidcluster.k8s.pod.uuid

Use a text value ##### to find sensors by the Kubernetes cluster pod uuid.

Example

Show sensors with this pod uuid

cluster.k8s.pod.uuid: 01234567-89ab-cdef-0123-456789abcdef

cluster.k8s.projectcluster.k8s.project

Use a text value ##### to find sensors by the Kubernetes cluster project name.

Example

Show sensors with this Kubernetes cluster project

cluster.k8s.project: my-project

cluster.typecluster.type

Use a text value ##### to find sensors by the cluster type (KUBERNETES).

Example

Show sensors with the Kubernetes cluster type

cluster.type: KUBERNETES

containerIpv4containerIpv4

Use a text value ##### to define a container IPv4 address of interest.

Example

Show containers on this IPv4 address

containerIpv4: 172.17.0.2

containerIpv6containerIpv6

Use a text value ##### to define a container IPv6 address of interest.

Example

Show containers on this IPv6 address

containerIpv6: fe80:0:0:0:2502:b53c:4139:404b

containerMacAddresscontainerMacAddress

Use a text value ##### to define a container MAC address you're interested in.

Example

Show container with this MAC address

containerMacAddress: 00-50-56-A9-73-5A

containerRuntimecontainerRuntime

Use a text value ##### to find a container based on Runtime type (DOCKER, CONTAINERD, CRI-O).

Example

Show container with this Runtime type

containerRuntime: DOCKER

containerRuntimeVersioncontainerRuntimeVersion

Use a text value ##### to find the Runtime version you're interested in.

Example

Show container with this Runtime version

containerRuntimeVersion: 1.3

createdcreated

Use a date range or specific date to define when sensors were created.

Examples

Find sensors created within certain dates

created: [2017-06-15 ... 2017-06-30]

Find sensors created on specific date

created:'2017-08-15'

dockerVersiondockerVersion

Use a text value ##### to find Docker version you're interested in.

Example

Show sensors with this Docker version

dockerVersion: 1.3

hostnamehostname

Use a text value ##### to define the sensor hostname you're looking for.

Example

Show sensors with this hostname

hostname: dockerhost07.mydomain.com

imageIdimageId

Use a text value ##### to define a sensor image ID of interest.

Example

Show sensors with this image ID

imageId: c2d1b73a90ec

imageShaimageSha

Use a text value ##### to define SHA 256 hash of sensor image.

Example

Show container image with this SHA value

imageSha: 163dc7f6b91a30bdaa867c28e7edc341e72da63b0f9056be497bd59a83bce695

ipv4ipv4

Use a text value ##### to define a sensor IPv4 address of interest.

Example

Show sensors on this IPv4 address

ipv4: 172.17.0.2

ipv6ipv6

Use a text value ##### to define a sensor IPv6 address of interest.

Example

Show sensors on this IPv6 address

ipv6: fe80:0:0:0:2502:b53c:4139:404b

label.keylabel.key

Use a text value ##### to find sensors with a certain label name.

Example

Show sensors with label name "vendor"

label.key: "vendor"

label.valuelabel.value

Use a text value ##### to find sensors with a certain label value.

Example

Show sensors with label value "CentOS"

label.value: "CentOS"

lastCheckedInlastCheckedIn

Use a date range or specific date to define when sensors last checked in.

Examples

Find sensors with last checkin within certain dates

lastCheckedIn: [2017-06-15 ... 2017-06-30]

Find sensors with last checkin on specific date

lastCheckedIn:'2017-08-15'

macAddressmacAddress

Use a text value ##### to define a sensor MAC address you're interested in.

Example

Show sensor with this MAC address

macAddress: 00-50-56-A9-73-5A

namename

Use a text value ##### to define the sensor name you're interested in.

Example

Show this sensor name

name: "my-sensor"

osos

Use values within quotes or backticks to help you find sensors on an operating system you're interested in.

Examples

Show any sensors on this OS name

os: Windows 2012

Show any sensors contain components of OS name

os: "Windows 2012"

Show sensors that match exact value "Windows 2012"

os: `Windows 2012`

privilegedprivileged

Use the values true | false to find privileged sensors.

Example

Show privileged sensors

privileged: true

registryregistry

Use a text value ##### to find sensors having a registry name you're interested in.

Example

Show findings with this registry name

registry: "registry-name"

sensorIdsensorId

Use a text value ##### to find a sensor ID.

Example

Show sensor with this ID

sensorId: ed46df944e1c

sensorTypesensorType

Use a text value ##### to find sensors by type (CICD, GENERAL, REGISTRY, SERVERLESS_FARGATE).

Example

Show registry sensors

sensorType: REGISTRY

sensorVersionsensorVersion

Use a text value ##### to find sensor version you're interested in.

Example

Show sensors with this version

sensorVersion: 1.3

shasha

Use a text value ##### to define SHA 256 hash of container image.

Example

Show findings with this SHA value

sha: 163dc7f6b91a30bdaa867c28e7edc341e72da63b0f9056be497bd59a83bce695

statusstatus

Use a text value ##### to define sensors with a certain status (Running or Unknown).

Example

Show sensors with running status

status: "Running"

uuiduuid

Use a text value ##### to define a sensor UUID of interest.

Example

Show sensor for this UUID

uuid: c7d66569-5c17-47f6-a8b9-f640cfe71cec

andand

Use a boolean query to express your query using AND logic.

Example

Show sensors with Docker runtime and with runtime version 19

containerRuntime: DOCKER and containerRuntimeVersion: 19

notnot

Use a boolean query to express your query using NOT logic.

Example

Show sensors that don't have sensor type Registry

not sensorType: REGISTRY

oror

Use a boolean query to express your query using OR logic.

Example

Show sensors with one of these sensor types

sensorType: GENERAL or sensorType: REGISTRY