Use the following tokens to define search criteria for dynamic tagging:
asset.riskScoreasset.riskScore
Example
Show assets with risk score 60
asset.riskScore:
"60"
vulnerabilities.vulnerability.qidvulnerabilities.vulnerability.qid
Example
Show findings with QID 90405
vulnerabilities.vulnerability.qid: 90405
vulnerabilities.severityvulnerabilities.severity
Example
Show findings with severity by 5
vulnerabilities.severity:5
For information about customer and Qualys severity, see Customer and Kb Severity Level
vulnerabilities.typeDetectedvulnerabilities.typeDetected
Example
Show findings with this type
vulnerabilities.typeDetected:Confirmed
vulnerabilities.foundvulnerabilities.found
Examples
Show findings with vulnerabilities detected
vulnerabilities.found:TRUE
vulnerabilities.statusvulnerabilities.status
If you select the status as Fixed, the list will only show vulnerabilities that are fixed in the last 365 days.
Example
Show vulnerabilities with New status
vulnerabilities.status:NEW
vulnerabilities.hostOSvulnerabilities.hostOS
Examples
Show any findings with this OS name
vulnerabilities.hostOS:Windows 2012
Show any findings that contain components of OS name
vulnerabilities.hostOS:"Windows 2012"
Show any findings that match exact value "Windows 2012"
vulnerabilities.hostOS:`Windows 2012`
vulnerabilities.hostAssetName vulnerabilities.hostAssetName
Examples
Show any findings related to name
vulnerabilities.hostAssetName:QK2K12QP3-65-53
Show any findings that contain parts of name
vulnerabilities.hostAssetName:"QK2K12QP3-65-53"
Show any findings that match exact value "QK2K12QP3-65-53"
vulnerabilities.hostAssetName:`QK2K12QP3-65-53`
vulnerabilities.ignoredvulnerabilities.ignored
Example
Show vulnerabilities that are marked as ignored
vulnerabilities.ignored:TRUE
vulnerabilities.disabledvulnerabilities.disabled
Examples
Show findings with vulnerabilities disabled
vulnerabilities.disabled:TRUE
vulnerabilities.portvulnerabilities.port
Example
Show vulnerabilities found on this port
vulnerabilities.port:443
vulnerabilities.protocolvulnerabilities.protocol
Use a text value (UDP or TCP) to define the port protocol.
Example
Show vulnerabilities found on TCP protocol
vulnerabilities.protocol:TCP
vulnerabilities.instancevulnerabilities.instance
Example
Show vulnerabilities found in this instance
vulnerabilities.instance: oracle
vulnerabilities.nonRunningKernelvulnerabilities.nonRunningKernel
Examples
Show detections found on non-running Kernal
vulnerabilities.nonRunningKernel:TRUE
Show detections found on running Kernal
vulnerabilities.nonRunningKernel:FALSE
vulnerabilities.nonExploitableServicevulnerabilities.nonExploitableService
Examples
Show findings on non-exploitable services
vulnerabilities.nonExploitableService:TRUE
vulnerabilities.detectionScorevulnerabilities.detectionScore
Examples
Show vulnerabilities with detection score 80
vulnerabilities.detectionScore:80
Show vulnerabilities with detection score 25
vulnerabilities.detectionScore:25
vulnerabilities.vulnerability.qualysPatchablevulnerabilities.vulnerability.qualysPatchable
Examples
Show vulnerabilities with patch available at Qualys
vulnerabilities.vulnerability.qualysPatchable: "true"
Show vulnerabilities with patch not available at Qualys
vulnerabilities.vulnerability.qualysPatchable: "false"
vulnerabilities.vulnerability.criticalityvulnerabilities.vulnerability.criticality
The following list of criticality defines the CVSS Score from 0.0 to 10.0:
Examples
Show vulnerabilities with HIGH criticality
vulnerabilities.vulnerability.criticality: "HIGH"
vulnerabilities.vulnerability.descriptionvulnerabilities.vulnerability.description
Examples
Show any findings related to description
vulnerabilities.vulnerability.description:remote
code execution
Show any findings that contain "remote" or "code" in description
vulnerabilities.vulnerability.description:"remote
code execution"
Show any findings that match exact value "remote code execution"
vulnerabilities.vulnerability.description:`remote
code execution`
vulnerabilities.vulnerability.riskvulnerabilities.vulnerability.risk
Example
Show findings with risk 50
vulnerabilities.vulnerability.risk:50
vulnerabilities.vulnerability.osvulnerabilities.vulnerability.os
Examples
Show any findings related to this OS value
vulnerabilities.vulnerability.os:windows
Show any findings that contain parts of OS value
vulnerabilities.vulnerability.os:"windows"
Show any findings that match exact value "windows"
vulnerabilities.vulnerability.os:`windows`
vulnerabilities.vulnerability.patchAvailablevulnerabilities.vulnerability.patchAvailable
Examples
Show findings with patch available
vulnerabilities.vulnerability.patchAvailable:TRUE
Show findings with no patch available
vulnerabilities.vulnerability.patchAvailable:FALSE
vulnerabilities.vulnerability.vendors.productNamevulnerabilities.vulnerability.vendors.productName
Example
Show findings with this vendor product name
vulnerabilities.vulnerability.vendors.productName:Windows
vulnerabilities.vulnerability.vendors.vendorNamevulnerabilities.vulnerability.vendors.vendorName
Example
Show findings with this vendor name
vulnerabilities.vulnerability.vendors.vendorName:Adobe
vulnerabilities.vulnerability.titlevulnerabilities.vulnerability.title
Examples
Show any findings related to this title
vulnerabilities.vulnerability.title:Remote Code
Execution
Show any findings that contain "Remote" or "Code" in title
vulnerabilities.vulnerability.title:"Remote
Code"
Show any findings that match exact value "Remote Code"
vulnerabilities.vulnerability.title:`Remote Code`
vulnerabilities.vulnerability.rebootRequiredvulnerabilities.vulnerability.rebootRequired
Examples
Show vulnerabilities that need reboot.
vulnerabilities.vulnerability.rebootRequired: TRUE
Examples
Show assets with threats due to active attacks
vulnerabilities.vulnerability.threatIntel.activeAttacks:
true
Show assets that don't have threats due to active attacks
vulnerabilities.vulnerability.threatIntel.activeAttacks:
false
Examples
Show assets with threats due to denial of service
vulnerabilities.vulnerability.threatIntel.denialOfService:
true
Show assets that don't have threats due to denial of service
vulnerabilities.vulnerability.threatIntel.denialOfService:
false
Examples
Show assets with threats due to easy exploit
vulnerabilities.vulnerability.threatIntel.easyExploit:
true
Show assets that don't have threats due to easy exploit
vulnerabilities.vulnerability.threatIntel.easyExploit:
false
Examples
Show assets with threats due to high data loss
vulnerabilities.vulnerability.threatIntel.highDataLoss:
true
Show assets that don't have threats due to high data loss
vulnerabilities.vulnerability.threatIntel.highDataLoss:
false
Examples
Show assets with threats due to exploit kit
vulnerabilities.vulnerability.threatIntel.exploitKit:
true
Show assets that don't have threats due to exploit kit
vulnerabilities.vulnerability.threatIntel.exploitKit:
false
Examples
Show assets with threats due to high lateral movement
vulnerabilities.vulnerability.threatIntel.highLateralMovement:
true
Show assets that don't have threats due to high lateral movement
vulnerabilities.vulnerability.threatIntel.highLateralMovement:
false
vulnerabilities.vulnerability.threatIntel.malwarevulnerabilities.vulnerability.threatIntel.malware
Examples
Show assets with threats due to malware
vulnerabilities.vulnerability.threatIntel.malware: true
Show assets that don't have threats due to malware
vulnerabilities.vulnerability.threatIntel.malware: false
vulnerabilities.vulnerability.threatIntel.noPatchvulnerabilities.vulnerability.threatIntel.noPatch
Examples
Show assets with threats due to no patch available
vulnerabilities.vulnerability.threatIntel.noPatch: true
Show assets that don't have threats due to no patch available
vulnerabilities.vulnerability.threatIntel.noPatch: false
Example
Show assets with threats due to public exploit
vulnerabilities.vulnerability.threatIntel.publicExploit:
true
Show assets that don't have threats due to public exploit
vulnerabilities.vulnerability.threatIntel.publicExploit:
false
vulnerabilities.vulnerability.threatIntel.zeroDayvulnerabilities.vulnerability.threatIntel.zeroDay
Examples
Show assets with threats due to zero day exploit
vulnerabilities.vulnerability.threatIntel.zeroDay: true
Show assets that don't have threats due to zero day exploit
vulnerabilities.vulnerability.threatIntel.zeroDay: false
vulnerabilities.vulnerability.threatIntel.wormablevulnerabilities.vulnerability.threatIntel.wormable
Examples
Show assets with wormable threats
vulnerabilities.vulnerability.threatIntel.wormable: "true"
Examples
Show assets with predicted high risk threat
vulnerabilities.vulnerability.threatIntel.predictedHighRisk:
"true"
Examples
Show assets with unauthenticated exploitation threat
vulnerabilities.vulnerability.threatIntel.unauthenticatedExploitation:
"true"
Examples
Show assets with remote code execution threat
vulnerabilities.vulnerability.threatIntel.remoteCodeExecution:
"true"
Examples
Show assets with privilege escalation threat
vulnerabilities.vulnerability.threatIntel.privilegeEscalation:
"true"
Examples
Show assets with ransomeware threat
vulnerabilities.vulnerability.threatIntel.ransomware:
"true"
Examples
Show assets with Solorigate/Sunburst threat
vulnerabilities.vulnerability.threatIntel.solorigateSunburst:
"true"
Examples
Show assets with threats due to CISA exploit
vulnerabilities.vulnerability.threatIntel.cisaKnownExploitedVulns:
true
Show assets that don't have threats due to CISA exploit
vulnerabilities.vulnerability.threatIntel.cisaKnownExploitedVulns:
false