How to Search in QGS

Search by Field | String matching | Exact matching | Full Text Search | Is Null Queries | Range searches | Date searches | Match multiple values | Boolean operators | Nested Queries

Search by Field

Enter the field name, then a colon, then your query. Nested fields are dot separated.

Examples:

assetName: WIN10-SECURITY

assetLastLogonUser: .\Administrator

assetId: 3477405

String matching

Use single quotes or double quotes around your query to match a string.

Examples:

os: "Windows"

description: "Cyware Connection"

Example using wildcard: If you want to search for exact count you should use asterisk (*). For example to find assets with name starting with WINDOWS2008 use this query:

updatedBy: dashb_du*

Exact matching

Use backticks to exactly match a string. Your results will include any asset with the EXACT value returned.

Examples:

preferredName: `Rahul Shukla`

title: `Software Engineer`

Full Text Search

Many asset fields containing text allow you to use full text search and advanced search capabilities.

Learn more >>

Examples:

Show any findings with this OS name

os: Windows

 

Is Null Queries

Want to match an empty/null value for a field? You'll need to remove the colon and then write "is null". For example, quickly find assets where the OS has not been identified.

Examples:

os is null

applianceId is null

deploymentLocation is null

Range searches

Ranges can be specified with the [lower .. upper] syntax using () and/or [] as follows. This is supported for numeric and date fields.

Example:

inventory.created: [2018-08-01 .. 2018-09-01]  // Between August 1st and September 1st 2018

 

Range options:

updatedOn:(date1 .. date2)  // Greater than but not equal to date1 and less than but not equal to date2

updatedOn:(date1 .. date2]  // Greater than but not equal to date1 and less than or equal to date2

updatedOn:[date1.. date2)  // Greater than or equal to date1 and less than but not equal to date2

updatedOn:[date1 .. date2]  // Greater than but or equal to date1 and less than or equal to date2

updatedOn > date1 // Greater than date1

updatedOn >= date1 // Greater than or equal to date1

updatedOn < date1 // Less than date1

updatedOn <= date1 // Less than or equal to date1

Date searches

Use a date range [start date .. end date] or a specific date. Several date variables are also available.

Learn more >>

Examples:

createdOn: "2018-10-20"

createdOn <= "2018-11-20"

createdOn: ["2018-10-20" .. "2018-10-24"]

createdOn: [now-3d .. now-1s]

Match multiple values

Use to match values "In" or "Not In" fields. Available for all fields except analyzed fields (i.e. full text search fields).

Examples:

Find assets with at least one of these three scanner appliance locations:

location: [SanJose1, SanJose2, SanJose3]

Find assets not last booted on date: 2018-08-31 or 2018-09-12

NOT createdOn: ["2018-08-31","2018-09-12"]

Supported date formats:

YYYY example: createdOn:["2017","2018"]  // in 2018 or 2021

YYYY-MM example: createdOn:["2018-08","2018-09"]  // in month of Aug or Sept

YYYY-MM-DD example: createdOn:["2018-10-30","2018-11-05"]  // on one of exact dates

Boolean Operators

Use keywords AND, OR, NOT to narrow or broaden your search. Click the following link for info on max query depth, using NOT with vulnerability queries.

Learn more >>

Examples:

Show findings that have one of these operating systems:

os: `Windows 2002` OR os: `Windows 7 Ultimate Service Pack 1`

Show assets not created on or before date:

AND NOT createdOn <= "2018-11-05"

Nested Queries

Use a single nested query, using parentheses, to include multiple fields in your query. This is supported only for certain tokens like "asset", "hardware", "interfaces", etc.

Example:

Find the assetId and the assetName:

asset: (assetId: '3477405' AND assetName: WIN10-SECURITY)

Learn more >>

 

© 2025 Qualys, Inc. All rights reserved. Privacy Policy.