On the QFlow tab of the Qualys Flow application, use the following tokens to search for the information related to QFlows in your account. Build your search queries by using various combinations of these tokens. Click each token for information about how to use it.
Examples
Show findings with this name
qflow.name: Publicly accessible RDS DB Instances
Show any findings that contain parts of the name
qflow.name: "Publicly accessible RDS DB Instances"
Examples
Show findings with qflow status as error
qflow.status: Error
Show findings with qflow status as success
qflow.status: Success
Examples
Show findings with qflow state as enabled
qflow.state: Enabled
Show findings with qflow state as disabled
qflow.state: Disabled
Examples
Show findings with Security category
qflow.category: Security
Show findings with AWS CIS category
qflow.category: AWS CIS
Example
Show findings with this name
qflow.module: TotalCloud
qflow.account.idqflow.account.id
Example
Show findings with this account ID
qflow.account.id: 205767712438
Example
Show qflow with this unique qflow ID
qflow.id: 0cbc3157-9b21-48a6-8652-28248741ebd
Examples
Show QFlows for AWS cloud provider
qflow.provider: AWS
Show QFlows for AZURE cloud provider
qflow.provider: AZURE
Example
Show execution details triggered from TotalCloud
source: TC
Example
Show execution details for the given execution ID
source: 4d89bea0-172b-476f-a9c3-a5cf8f9d70cc
Example
Show execution details with status as Sucesstriggered from TotalCloud
status: Success
Example
Show AWS execution details
regions: us-east-1
resource_groupsresource_groups
Search the AZURE execution details based resource group.
Example
Show AZURE execution details
resource_groups: cloud-shell-storage-india
The Qualys Query Language (QQL) supports the following logical or Boolean query operators. Use these operators in your queries to narrow down or broaden your search.
Narrow down the search by using the and operator in the Boolean query. The result contains all the token values that are provided in the query.
Example
Show the AWS executions that have a successful status.
certificate:(expiryGroup:In 30 Days and issuer.name:DigiCert)