Learn more about Nested Queries
Best Practices
Use nested queries when tokens have a shared key, in this example "asset".
asset:(assetID:43954857 AND status:Enrolled)
Consider the intent of your query. Here's some examples.
Query 1: This will return findings having a certain agent ID and last logged on user. A finding is returned only when it matches both criteria.
asset:(assetID:123456789 AND lastSeen: '2018-10-10')
Query 2: This will return findings having a certain agent ID and/or a certain last logged on user. A finding is returned when it matches only one criteria.
asset.assetID:123456789 AND asset.lastSeen: '2018-10-10'