Search Tokens for Qualys Flow
Click here to see this page in full context


Search Tokens for Qualys Flow

On the QFlow tab of the Qualys Flow application, use the following tokens to search for the information related to QFlows in your account. Build your search queries by using various combinations of these tokens. Click each token for information about how to use it.

qflow.nameqflow.name

Use values within quotes to help you find qflows with a specific name.

Examples

Show findings with this name

qflow.name: Publicly accessible RDS DB Instances

Show any findings that contain parts of the name

qflow.name: "Publicly accessible RDS DB Instances"

qflow.statusqflow.status

Search the qflows based on their status as Error or Success.

Examples

Show findings with qflow status as error

qflow.status: Error

Show findings with qflow status as success

qflow.status: Success

qflow.stateqflow.state

Search the qflows based on their state as Enabled or Disabled.

Examples

Show findings with qflow state as enabled 

qflow.state: Enabled

Show findings with qflow state as disabled

qflow.state: Disabled

qflow.categoryqflow.category

Search the qflows based on categories from: AWS Best Practices, AWS CIS, Auto Remediation, Custom, Operational Excellence, Security.

Examples

Show findings with Security category 

qflow.category: Security

Show findings with AWS CIS category

qflow.category: AWS CIS

qflow.moduleqflow.module

Search the qflows which are adopted in a specific module like TotalCloud.

Example

Show findings with this name

qflow.module: TotalCloud

qflow.account.idqflow.account.id

Use a text value ##### to show resources based on the unique account ID associated with the connector/ARN at the time of creation.

Example

Show findings with this account ID

qflow.account.id: 205767712438

qflow.idqflow.id

Use a text value ##### to show resources based on the unique qflow ID associated with the qflow at the time of creation.

Example

Show qflow with this unique qflow ID

qflow.id: 0cbc3157-9b21-48a6-8652-28248741ebd

qflow.providerqflow.provider

Search the qflows based on the cloud provider.

Examples

Show QFlows for AWS cloud provider

qflow.provider: AWS

Show QFlows for AZURE cloud provider

qflow.provider: AZURE

sourcesource

Search the execution details based on the source from where the qflow is triggered. Select the token from Batch, TC, Event, QSS, SNAPSHOT, SSM, or UI.

Example

Show execution details triggered from TotalCloud

source: TC

executionexecution

Search the execution details based on the execution ID.

Example

Show execution details for the given execution ID

source: 4d89bea0-172b-476f-a9c3-a5cf8f9d70cc

statusstatus

Search the execution details based on execution status. Select the token from Error, Queued, Running, or Success.

Example

Show execution details with status as Sucesstriggered from TotalCloud

status: Success

regionsregions

Search the AWS execution details based on the region.

Example

Show AWS execution details 

regions: us-east-1

resource_groupsresource_groups

Search the AZURE execution details based resource group.

Example

Show AZURE execution details

resource_groups: cloud-shell-storage-india

Supported Boolean Operators

The Qualys Query Language (QQL) supports the following logical or Boolean query operators. Use these operators in your queries to narrow down or broaden your search.

andand

Narrow down the search by using the and operator in the Boolean query. The result contains all the token values that are provided in the query.

Example

Show the AWS executions that have a successful status. 

certificate:(expiryGroup:In 30 Days and issuer.name:DigiCert)