Search Tutorial for FIM

Our search capabilities give you the ability to quickly find events matching certain criteria.

You'll notice the Search field above the Events list. This is where you'll enter your search query. (Tip - Search for incidents on the Incidents tab and assets on the Assets tab in a similar way.)

Start typing and we'll show you the event properties you can search like actor process, asset hostname, profile name, etc. Select the one you're interested in.

List of event properties for a search entry.

Now enter the value you want to match, and click Search. That's it! Your matches appear in your events list.

Note that date range for searching events should be less than or equal to 365 Days. That date range can be any year to any year, but difference between total number of days should be less than or equal to 365 days.

See also: How to search | Group by options

Sample query with an event property and value of the property and matching events under Target.

Tip - Use your queries to create dashboard widgets on the Dashboards tab.

Search Actions

Using our Search Query menu search action menu options, you can view the frequently-used QQL queries, save, and manage them with ease. You can create widgets from frequently used queries for easy reference in future. Looking for the different actions on the search queries, see  Search Actions.

© 2024 Qualys, Inc. All rights reserved. Privacy Policy.