Sample Rule Queries in VMDR
Following are some of the Sample Rule queries in the VMDR application:
- To list all the vulnerabilities with severity 5 and status NEW that also has the vulnerability title as Microsoft. The Rule Query will be-
vulnerabilities.severity:5 and vulnerabilities.status:NEW and vulnerabilities.vulnerability.title:"Microsoft"
- To get the list of all the vulnerabilities with QID 90126 (this QID represents pending reboot) and the vulnerabilities that are not fixed, which will give all the assets that are pending reboot. The Rule Query will be-
vulnerabilities.vulnerability.qid:"90126" and NOT vulnerabilities.status:FIXED
- To get the list of all the vulnerabilities that are real-time threats of Ransomware and has status as New, The Rule Query will be-
vulnerabilities.severity:5 and vulnerabilities.status:NEW and vulnerabilities.vulnerability.title:"Microsoft"