Searching for Malware
Use the search tokens below to search for malware detected in a container image.
layerHash
Use a text value ##### to specify the layer hash value.
Example
Show malware detected in this image layer.
layerHash: 3b2c25e647d295b746d012311351909c2cef09a60b2f956024733451cd2124cd
layerMalwareInfo.category
Use a text value ##### to specify a malware category.
Example
Show malware of this category.
layerMalwareInfo.category: Pua
layerMalwareInfo.family
Use a text value ##### to specify the malware family.
Example
Show malware associated with this family.
layerMalwareInfo.family: Suspicious
layerMalwareInfo.prediction
Specify the prediction on the nature of the malware. Select a value from the list.
Example
Show malware predicted to be malicious.
layerMalwareInfo.prediction: Malicious
layerMalwareInfo.severity
Specify the severity of the malware. Select a value from the list.
Example
Show malware of this severity.
layerMalwareInfo.severity: 1
layerMalwareInfo.score
Use a float value ##### to specify the score of the malware.
Example
Show malware with this score.
layerMalwareInfo.score: 1
and
Use a boolean query to express your query using AND logic.
Example
Show events with type Standard and with action Allow
eventType: STANDARD and action: ALLOW
not
Use a boolean query to express your query using NOT logic.
Example
Show events that do not have the Deny action
not action: DENY
or
Use a boolean query to express your query using OR logic.
Example
Show events with one of these actions
action: ALLOW or action: MONITOR