QQL Query Examples

Here are a few examples of QQL queries for your reference:

1)      Let’s create a query to find out, out of total vulnerabilities detection, how many vulnerabilities are confirmed.

Run the query, and note the difference in the total detection in the result.

Let’s further narrow down our search and look for confirmed vulnerabilities detected only on Rockwell Automation. Add another query for the vulnerability source index, and run the combined query.

2) Let’s go for a little more complex query. Let’s find out confirmed vulnerabilities detected only on the Rockwell Automations and with criticality as HIGH.

It is important to reason out what exactly we are looking for. It is then important to use each query as a building block, add operators correctly and enclose your values in parentheses accurately.

Let's build each individual query first and later join all to form a complex one.

What we are looking for

Query

confirmed vulnerabilities

vulnerabilities.typeDetected:`Confirmed`

found on Rockwell Automation

vulnerabilities.hardware.vendor:`Rockwell Automation`

with HIGH critically

vulnerabilities.vulnerability.criticality:`HIGH`

 

Now that we have all the building blocks ready, let's create the single complex query by adding all these individual queries:

In the search bar for the Asset data source, add:

vulnerabilities.typeDetected:`Confirmed` and vulnerabilities.hardware.vendor:`Rockwell Automation` and vulnerabilities.vulnerability.criticality:`HIGH`

See Data Sources

See Qualys Query Language Syntax


 

 

Was this topic helpful?

success Thank you! We're glad to hear that this topic was useful.
success We appreciate your feedback. We'll work to make this topic better for you in the future.