Searching for Sensors
Use the search tokens below to search for sensors. Looking for help with writing your query? click here
activationUuidactivationUuid
Use a text value ##### to find sensors having an activation UUID.
Example
Show findings with this activation UUID
activationUuid: ed46df944e1c
architecturearchitecture
Use a text value ##### to find sensors by the host architecture (amd64, arm64, x86_64).
Example
Show findings with arm64 host architecture
architecture: arm64
cluster.k8s.node.isMastercluster.k8s.node.isMaster
Use the values true | false to find sensors running on the master node.
Example
Show sensors running on the master node
cluster.k8s.node.isMaster: true
cluster.k8s.node.namecluster.k8s.node.name
Use a text value ##### to find sensors by the Kubernetes cluster node name.
Example
Show sensors with this node name
cluster.k8s.node.name: my-node
cluster.k8s.pod.controller.namecluster.k8s.pod.controller.name
Use a text value ##### to find sensors by the Kubernetes cluster pod controller name.
Example
Show sensors with this pod controller name
cluster.k8s.pod.controller.name: my-controller
cluster.k8s.pod.controller.typecluster.k8s.pod.controller.type
Use a text value ##### to find sensors by the Kubernetes cluster pod controller type (DaemonSet).
Example
Show sensors with this pod controller type
cluster.k8s.pod.controller.type: DaemonSet
cluster.k8s.pod.controller.uuidcluster.k8s.pod.controller.uuid
Use a text value ##### to find sensors by the Kubernetes cluster pod controller uuid.
Example
Show sensors with this pod controller uuid
cluster.k8s.pod.controller.uuid: 01234567-89ab-cdef-0123-456789abcdef
cluster.k8s.pod.label.keycluster.k8s.pod.label.key
Use a text value ##### to find containers by a label name (key) assigned to the Kubernetes cluster pod.
Example
Show containers with this pod label name
cluster.k8s.pod.label.key: environment
cluster.k8s.pod.label.valuecluster.k8s.pod.label.value
Use a text value ##### to find containers by a label value assigned to the Kubernetes cluster pod.
Example
Show containers with this pod label value
cluster.k8s.pod.label.value: production
cluster.k8s.pod.namecluster.k8s.pod.name
Use a text value ##### to find sensors by the Kubernetes cluster pod name.
Example
Show sensors with this pod name
cluster.k8s.pod.name: my-pod
cluster.k8s.pod.namespacecluster.k8s.pod.namespace
Use a text value ##### to find sensors by the Kubernetes cluster pod namespace.
Example
Show sensors with this pod namespace
cluster.k8s.pod.namespace: my.namespace.example.com
cluster.k8s.pod.uuidcluster.k8s.pod.uuid
Use a text value ##### to find sensors by the Kubernetes cluster pod uuid.
Example
Show sensors with this pod uuid
cluster.k8s.pod.uuid: 01234567-89ab-cdef-0123-456789abcdef
cluster.k8s.projectcluster.k8s.project
Use a text value ##### to find sensors by the Kubernetes cluster project name.
Example
Show sensors with this Kubernetes cluster project
cluster.k8s.project: my-project
cluster.typecluster.type
Use a text value ##### to find sensors by the cluster type (KUBERNETES).
Example
Show sensors with the Kubernetes cluster type
cluster.type: KUBERNETES
containerIpv4containerIpv4
Use a text value ##### to define a container IPv4 address of interest.
Example
Show containers on this IPv4 address
containerIpv4: 172.17.0.2
containerIpv6containerIpv6
Use a text value ##### to define a container IPv6 address of interest.
Example
Show containers on this IPv6 address
containerIpv6: fe80:0:0:0:2502:b53c:4139:404b
containerMacAddresscontainerMacAddress
Use a text value ##### to define a container MAC address you're interested in.
Example
Show container with this MAC address
containerMacAddress: 00-50-56-A9-73-5A
containerRuntimecontainerRuntime
Use a text value ##### to find a container based on Runtime type (DOCKER, CONTAINERD, CRI-O).
Example
Show container with this Runtime type
containerRuntime: DOCKER
containerRuntimeVersioncontainerRuntimeVersion
Use a text value ##### to find the Runtime version you're interested in.
Example
Show container with this Runtime version
containerRuntimeVersion: 1.3
createdcreated
Use a date range or specific date to define when sensors were created.
Examples
Find sensors created within certain dates
created: [2017-06-15 ... 2017-06-30]
Find sensors created on specific date
created:'2017-08-15'
dockerVersiondockerVersion
Use a text value ##### to find Docker version you're interested in.
Example
Show sensors with this Docker version
dockerVersion: 1.3
hostnamehostname
Use a text value ##### to define the sensor hostname you're looking for.
Example
Show sensors with this hostname
hostname: dockerhost07.mydomain.com
imageIdimageId
Use a text value ##### to define a sensor image ID of interest.
Example
Show sensors with this image ID
imageId: c2d1b73a90ec
imageShaimageSha
Use a text value ##### to define SHA 256 hash of sensor image.
Example
Show container image with this SHA value
imageSha: 163dc7f6b91a30bdaa867c28e7edc341e72da63b0f9056be497bd59a83bce695
ipv4ipv4
Use a text value ##### to define a sensor IPv4 address of interest.
Example
Show sensors on this IPv4 address
ipv4: 172.17.0.2
ipv6ipv6
Use a text value ##### to define a sensor IPv6 address of interest.
Example
Show sensors on this IPv6 address
ipv6: fe80:0:0:0:2502:b53c:4139:404b
label.keylabel.key
Use a text value ##### to find sensors with a certain label name.
Example
Show sensors with label name "vendor"
label.key: "vendor"
label.valuelabel.value
Use a text value ##### to find sensors with a certain label value.
Example
Show sensors with label value "CentOS"
label.value: "CentOS"
lastCheckedInlastCheckedIn
Use a date range or specific date to define when sensors last checked in.
Examples
Find sensors with last checkin within certain dates
lastCheckedIn: [2017-06-15 ... 2017-06-30]
Find sensors with last checkin on specific date
lastCheckedIn:'2017-08-15'
macAddressmacAddress
Use a text value ##### to define a sensor MAC address you're interested in.
Example
Show sensor with this MAC address
macAddress: 00-50-56-A9-73-5A
namename
Use a text value ##### to define the sensor name you're interested in.
Example
Show this sensor name
name: "my-sensor"
osos
Use values within quotes or backticks to help you find sensors on an operating system you're interested in.
Examples
Show any sensors on this OS name
os: Windows 2012
Show any sensors contain components of OS name
os: "Windows 2012"
Show sensors that match exact value "Windows 2012"
os: `Windows 2012`
privilegedprivileged
Use the values true | false to find privileged sensors.
Example
Show privileged sensors
privileged: true
registryregistry
Use a text value ##### to find sensors having a registry name you're interested in.
Example
Show findings with this registry name
registry: "registry-name"
sensorIdsensorId
Use a text value ##### to find a sensor ID.
Example
Show sensor with this ID
sensorId: ed46df944e1c
sensorTypesensorType
Use a text value ##### to find sensors by type (CICD, GENERAL, REGISTRY, SERVERLESS_FARGATE).
Example
Show registry sensors
sensorType: REGISTRY
sensorVersionsensorVersion
Use a text value ##### to find sensor version you're interested in.
Example
Show sensors with this version
sensorVersion: 1.3
shasha
Use a text value ##### to define SHA 256 hash of container image.
Example
Show findings with this SHA value
sha: 163dc7f6b91a30bdaa867c28e7edc341e72da63b0f9056be497bd59a83bce695
statusstatus
Use a text value ##### to define sensors with a certain status (Running or Unknown).
Example
Show sensors with running status
status: "Running"
uuiduuid
Use a text value ##### to define a sensor UUID of interest.
Example
Show sensor for this UUID
uuid: c7d66569-5c17-47f6-a8b9-f640cfe71cec
andand
Use a boolean query to express your query using AND logic.
Example
Show sensors with Docker runtime and with runtime version 19
containerRuntime: DOCKER and containerRuntimeVersion: 19
notnot
Use a boolean query to express your query using NOT logic.
Example
Show sensors that don't have sensor type Registry
not sensorType: REGISTRY
oror
Use a boolean query to express your query using OR logic.
Example
Show sensors with one of these sensor types
sensorType: GENERAL or sensorType: REGISTRY