
Searching for Malware

Use the search tokens below to search for malware detected in a container image.

layerHash

Use a text value ##### to specify the layer hash value.

Example

Show malware detected in this image layer.

layerHash: 3b2c25e647d295b746d012311351909c2cef09a60b2f956024733451cd2124cd

layerMalwareInfo.category

Use a text value ##### to specify a malware category.

Example

Show malware of this category.

layerMalwareInfo.category: Pua

layerMalwareInfo.family

Use a text value ##### to specify the malware family.

Example

Show malware associated with this family.

layerMalwareInfo.family: Suspicious

layerMalwareInfo.prediction

Specify the prediction on the nature of the malware. Select a value from the list.

Example

Show malware predicted to be malicious.

layerMalwareInfo.prediction: Malicious

layerMalwareInfo.severity

Specify the severity of the malware. Select a value from the list.

Example

Show malware of this severity.

layerMalwareInfo.severity: 1

layerMalwareInfo.score

Use a float value ##### to specify the score of the malware.

Example

Show malware with this score.

layerMalwareInfo.score: 1

and

Use a boolean query to express your query using AND logic.

Example

Show events with type Standard and with action Allow

eventType: STANDARD and action: ALLOW

not

Use a boolean query to express your query using NOT logic.

Example

Show events that don't have Deny action

not action: DENY

or

Use a boolean query to express your query using OR logic.

Example

Show events with one of these actions

action: ALLOW or action: MONITOR