Was this topic helpful?
On the Import Asset tab of the VMDR OT application, use the following tokens to search the files and assets in your inventory. Build your search queries by using various combinations of these tokens. Click each token for information about how to use it.
The Qualys Query Language (QQL) supports the following logical or Boolean query operators. Use these operators in your queries to narrow down or broaden your search.
Narrow down your search by using the 'and' operator in your Boolean query. The result contains all the token values that you provide in your query.
Example
Show the network traffic with the source or destination asset as an OT device and use UDP as the transport protocol
hardware.type: `OT Device` and interfaces.transport.protocol: UDP
Narrow down your search by using the 'not' operator in your Boolean query. The result contains all the other values except the one that you specify after 'not' in your query.
Example
Show the network traffic that does not have the source or destination asset as an OT device
not hardware.type: OT Device
Broaden your search by using the 'or' operator in your Boolean query. The result contains any of the token values that you provide in your query.
Examples
Show the network traffic with the source or destination asset as router or OT Device
hardware.type: `router` or hardware.type: `OT Device`
Show the network traffic with the source asset as router or destination asset as OT Device
source.hardware.type: `router` or destination.hardware.type: `OT Device`
file.assetCountfile.assetCount
Use an integer to search the project files that have the assets count from an imported project file.
Example
Show all the files having 50 or less assets
file.assetCount <= 50
Use a text value ##### to search the project file with the specific extension. For exact search, enclose the token value in backticks `<value>`.
Example
Show any findings that match the exact file extension
file.extension: `.L5X`
file.engineeringSoftwareNamefile.engineeringSoftwareName
Use a text value ##### to search the project file with the specific software name. For exact search, enclose the token value in backticks `<value>`.
Example
Show any findings that match the exact software name
file.engineeringSoftwareName: `Digsi 5`
file.engineeringSoftwareVersionfile.engineeringSoftwareVersion
Use a text value ##### to search the project file with the specific software version. For exact search, enclose the token value in backticks `<value>`.
Example
Show any findings that match the exact file software version
file.engineeringSoftwareVersion: `1.3.0.0`
Search the project file using the hash value. For exact search, enclose the token value in backticks `<value>`.
Example
Show the project file using this hash value
file.hash: `94ebb29b451a229e49c8f6e88afc2a15`
file.lastUpdatedfile.lastUpdated
Use a date range or specific date to search when the project files were last updated.
Supported date formats: yyyy-MM-dd, yyyy-MM, yyyy
Examples
Show the project files last updated on a specified date
file.lastUpdated: `2021-01-08`
Show the project files last updated within the past 90 days (excluding day 90)
file.lastUpdated > now-90d
Show the project files last updated by the user within the past 90 days (including day 90)
file.lastUpdated >= now-90d
Show the files last updated before past 90 days (excluding day 90)
file.lastUpdated < now-90d
Show the project files last updated before the past 90 days (including day 90)
file.lastUpdated <= now-90d
Show the project files last updated within the specified date range
file.lastUpdated : [2020-01-01 .. 2020-01-10]
Show the project files last updated from two weeks ago till a second ago
file.lastUpdated : [now-2w .. now-1s]
file.lastUpdatedUserfile.lastUpdatedUser
Search the project file that was last updated by the user.
Example
Show the last updated project file by the admin
file.lastUpdatedUser: admin
Use a text value ##### to search the project file name. For exact search, enclose the token value in backticks `<value>`.
Examples
Show any findings related to the project file name
file.name: Plant_1_Assembly
Show any findings that contain parts of the project file name
file.name: "Plant_1"
Show any findings that match the exact project file name
file.name: `Plant_1_Assembly`
file.plantLocationfile.plantLocation
Use a text value ##### to search the project files by plant location. For exact search, enclose the token value in backticks `<value>`.
Examples
Show the project files related to the plant location
file.plantLocation: Stuttgart
Show the project files that contain parts of the plant location
file.plantLocation: "Stuttgart"
Show the project files that match the exact plant location
file.plantLocation: `Stuttgart`
Search the project files by their status. Choose the value from the options (Uploading, Imported, Importing, Analysing, Deleting, Deleted, or Failed).
Example
Show the project files with status as Uploading
file.status: Uploading
Use a text value ##### to search the project files by their vendors.
Example
Show the project files from the vendor Siemens
file.vendor: Siemens
For information about search tokens on the Assets tab, see Assets Search Tokens.
For information about search tokens on the Vulnerabilities tab, see Vulnerabilities Search Tokens.
For information about search tokens on the Network tab, see Network Search Tokens.
Was this topic helpful?