You can use the search tokens available in the Scan List tab and refine your search results. Click each token to learn more about it.
Example
Find web applications with certain scan status and tag
webapp.lastScanStatus:"SUBMITTED" AND webapp.tags.name: "MS WAS 1000 Webapp"
Example
Show web applications that don't have last scan status as CANCELED
NOT webapp.lastScanStatus:"CANCELED"
Example
Show findings with one of these id values
vulnerability.id:3758394 OR vulnerability.id:3495166
Use these search tokens to find scan list.
scan.authenticationRecord.namescan.authenticationRecord.name
Examples
Find scans with the authentication record that contains part of the given name
scan.authenticationRecord.name: "Test"
Find scans with the given authentication record name
scan.authenticationRecord.name: `Test`
scan.authStatusscan.authStatus
Example
Find scans with specified authentication status type
scan.authStatus:NOT_USED
scan.cancelledBy.firstNamescan.cancelledBy.firstName
Example
Find scans that are canceled by the user whose first name is Chandler
scan.cancelledBy.firstName: Chandler
scan.cancelledBy.lastNamescan.cancelledBy.lastName
Example
Find scans that are canceled by the user whose last name is Bing
scan.cancelledBy.lastName: Bing
scan.cancelledBy.usernamescan.cancelledBy.username
Example
Find scans that are canceled by the user whose username is quays_pp
scan.cancelledBy.username: quays_pp
scan.cancelModescan.cancelMode
Example
Find scans canceled by the user, that is, cancel mode as USER
scan.cancelMode:USER
Example
Find the scans with scan category as MULTI
scan.category: "MULTI"
scan.dnsOverride.namescan.dnsOverride.name
Examples
Find scans that contain part of the given DNS override record name
scan.dnsOverride.name:"Test"
Find scans with the given DNS override record name
scan.dnsOverride.name:`Test`
Examples
Find scans that ended in past 6 months
scan.endDate:[now-6M .. now]
Find scans that ended on specified date
scan.endDate: "2020-03-20"
Find scans that ended after a specified date
scan.endDate >"2020-03-20"
Find scans that ended between March 2020 to Dec 2020
scan.endDate:[2020-03-01 .. 2020-12-31]
scan.scanTrustEnabledscan.scanTrustEnabled
Examples
Find scans for which the scan trust option is enabled
scan.scanTrustEnabled: true
Find scans for which the scan trust option is disabled
scan.scanTrustEnabled: false
scan.excludedQidsscan.excludedQids
Example
Find scans with given QID excluded
scan.excludedQids:150124
Example
Find the scan with the given ID
scan.id: 9725
Example
Find scans that have Information Gathered detections count as 10
scan.igCount:10
scan.inScopeQidsscan.inScopeQids
Use an integer value to find scans with given QIDs in the scan scope.
Example
Find scans with given QIDs in scan scope
scan.inScopeQids:150124
scan.launchedBy.firstNamescan.launchedBy.firstName
Example
Find scans that are launched by the user whose first name is Chandler
scan.launchedBy.firstName: Chandler
scan.launchedBy.lastNamescan.launchedBy.lastName
Example
Find scans that are launched by the user whose last name is Bing
scan.launchedBy.lastName: Bing
scan.launchedBy.usernamescan.launchedBy.username
Example
Select scans which updated by the user whose username is quays_pp
scan.launchedBy.username: quays_pp
scan.linksCrawledscan.linksCrawled
Example
Find scan with given links crawled count
scan.linksCrawled:100
scan.level1VulnCountscan.level1VulnCount
Example
Find scans with given level 1 vulnerability count
scan.level1VulnCount:100
scan.level2VulnCountscan.level2VulnCount
Example
Find scans with given level 2 vulnerability count
scan.level2VulnCount:100
scan.level3VulnCountscan.level3VulnCount
Example
Find scans with given level 3 vulnerability count
scan.level3VulnCount:100
scan.level4VulnCountscan.level4VulnCount
Example
Find scans with given level 4 vulnerability count
scan.level4VulnCount:100
scan.level5VulnCountscan.level5VulnCount
Example
Find scans with given level 5 vulnerability count
scan.level5VulnCount:100
Example
Find scans with specified scan mode
scan.mode:On-Demand API
Examples
Find scans that contain a part of the given name
scan.name:"TestScan"
Find scans with the given name
scan.name:`TestScan`
scan.optionProfile.namescan.optionProfile.name
Examples
Find scans that contain part of the given option profile name
scan.optionProfile.name:"TestScan"
Find scans with the given option profile name
scan.optionProfile.name:`TestScan`
scan.parent.namescan.parent.name
Examples
Find slice (child) scans that contain part of the given parent scan name
scan.parent.name:"TestScan"
Find slice (child) scans with the given parent scan name
scan.parent.name:`TestScan`
scan.progressiveScanningEnabledscan.progressiveScanningEnabled
Examples
Find scans for which progressive scanning is enabled
scan.progressiveScanningEnabled:true
Find scans for which progressive scanning is disabled
scan.progressiveScanningEnabled:false
scan.proxy.namescan.proxy.name
Example
Find scans that contain part of the given proxy name
scan.proxy.name:"TestProxy"
Find scans with the given proxy name
scan.proxy.name:`TestProxy`
scan.scannerAppliance.namescan.scannerAppliance.name
Examples
Find scans that contain a part of the given Scanner Appliance name
scan.scannerAppliance.name:"TestProxy"
Find scans with the given Scanner Appliance name
scan.scannerAppliance.name:`TestProxy`
scan.scannerApplianceTags.namescan.scannerApplianceTags.name
Example
Find scans that contain part of the given tag name added to the scanner appliance
scan.scannerApplianceTags.name:"TestProxy"
Find scans with the given tag name added to the scanner appliance
scan.scannerApplianceTags.name:`TestProxy`
scan.scannerTypescan.scannerType
Example
Find scans the with specified scanner type
scan.scannerType:EXTERNAL
Example
Find scans with given scan reference
scan.reference:`abc`
Example
Find scans with the specified scan type
scan.type:DISCOVERY
scan.schedule.namescan.schedule.name
Examples
Find scans that contain a part of the given scan schedule name
scan.schedule.name:"TestSchedule"
Find scans with the given scan schedule name
scan.schedule.name:`TestSchedule`
Example
Find scans with given risk
scan.risk:4
scan.sensitiveContentCountscan.sensitiveContentCount
Example
Find scans with the given sensitive content count
scan.sensitiveContentCount:40
Example
Find scans with the specified scan severity
scan.severity:MEDIUM
Examples
Find scans that started in past 6 months
scan.startDate:[now-6M .. now]
Find scans that started on specified date
scan.startDate:"2020-03-20"
Find scans that started after a specified date
scan.startDate>"2020-03-20"
Select scans started between March 2020 to Dec 2020
scan.startDate:[2020-03-01 .. 2020-12-31]
Example
Find scans with the specified scan consolidated status
scan.status:FINISHED
scan.target.urlscan.target.url
Examples
Find scans that contain part of the given target url
scan.target.url:"https://www.qualys.com"
Find scans that contain the given target url
scan.target.url:`https://www.qualys.com`
scan.target.asset.namescan.target.asset.name
Examples
Find scans that contain part of the given target web application name
scan.target.asset.name:"assetName"
Find scans that contain the given target web application name
scan.target.asset.name:`assetName`
scan.totalVulnCountscan.totalVulnCount
Example
Find scans with given total vulnerability count
scan.totalVulnCount:50
Example
Find scans that were updated in past 6 months
scan.updated:[now-6M .. now]
Select scans that were updated on specified date
scan.updated:"2020-03-20"
Select scans that were updated after a specified date
scan.updated>"2020-03-20"
Select scans that were updated between March 2020 to Dec 2020
scan.updated:[2020-03-01 .. 2020-12-31]
Example
Find scans with given scan uuid
scan.uuid:`17eeec0b2-abf4-4d7b-877a-13146ddadccf`
scan.findings.criticalityscan.findings.criticality
Example
Find scans with specified detection criticality
scan.findings:(criticality:HIGH )
scan.findings.cvss3Info.baseScorescan.findings.cvss3Info.baseScore
Examples
Find scans with detection's CVSS3 base score greater than 7
scan.findings:(cvss3Info.baseScore >7)
Find scans with detection's CVSS3 base score less than or equal to 7
scan.findings:(cvss3Info.baseScore <=7)
Find scans with detection's CVSS3 base score equal to 7
scan.findings:(cvss3Info.baseScore:7)
scan.findings.cvss3Info.temporalScorescan.findings.cvss3Info.temporalScore
Examples
Find scans with detection's CVSS3 temporal score greater than 7
scan.finding:(cvss3Info.temporalScore>7)
Find scans with detection's CVSS3 temporal score less than or equal to 7
scan.findings:(cvss3Info.temporalScore<= 7)
Find scans with detection's CVSS3 temporal score equal to 7
scan.findings:(cvss3Info.temporalScore:7)
scan.findings.cweIdsscan.findings.cweIds
Example
Find scans with the given CWE ID associated to scan detections
scan.findings:(cweIds:`CWE-56`)
scan.findings.groupNamescan.findings.groupName
Example
Find scans that have given group name associated to scan detections
scan.findings:(groupName:`Cross-Site Scripting`)
scan.findings.groupTitlescan.findings.groupTitle
Example
Find scans that have given group title associated to scan detections
scan.findings:(groupTitle:`XSS`)
scan.findings.titlescan.findings.title
Example
Find scans with the given scan detection's title
scan.findings:(title:`Test Detection`)
scan.findings.owaspTopTen.idscan.findings.owaspTopTen.id
Example
Find scan where scan detection's owaspTopTen2021 category ID is 7
scan.findings:(owaspTopTen.id:7)
The following list provides the ID and corresponding vulnerability name.
1: Broken Access Control
2: Cryptographic Failures
3: Injection
4: Insecure Design
5: Security Misconfiguration
6: Vulnerable and Outdated Components
7: Identification and Authentication Failures
8: Software and Data Integrity Failures
9: Security Logging and Monitoring Failures
10: Server Side Request Forgery (SSRF)
scan.findings.owaspTopTen.namescan.findings.owaspTopTen.name
Example
Find scans where scan detection's owaspTopTen2021 category name is "Identification and Authentication Failures"
scan.findings:(owaspTopTen.name:`Identification and Authentication Failures`)
scan.findings.paramscan.findings.param
Example
Find scans where the parameter 'comment.comment from url' is used for confirming detection
scan.findings:(param:`comment.comment from url`)
scan.findings.paramTypescan.findings.paramType
Example
Select scans where parameter type 'cookie' is used for confirming detection
scan.findings:(paramType:`Cookie`)
scan.findings.qidscan.findings.qid
Use an integer to find scans with the scan's detection reported with the given qid.
Examples
Find scans with scan detection reported with the given qid
scan.findings:(qid: 150001)
Find scans with either of the scan detections qid from list
scan.findings:(qid:[150001, 150100, 150009])
scan.findings.severityscan.findings.severity
Examples
Find scans with scan detection's severity greater than 3
scan.findings:(severity>3)
Find scans with scan detection's severity less than or equal to 3
scan.findings:(severity<=3)
Select scans with scan detection's severity 3
scan.findings:(severity:3)
scan.findings.originalSeverityscan.findings.originalSeverity
Examples
Select scans with scan detection's original severity greater than 3
scan.findings:(originalSeverity>3)
Select scans with scan detection's original severity less than or equal to 3
scan.findings:(originalSeverity<=3)
Select scans with scan detection's original severity 3
scan.findings:(originalSeverity:3)
scan.findings.typeDetectedscan.findings.typeDetected
Examples
Find scans where detections of the scan are of CONFIRMED_VULNERABILITY type
scan.findings:(typeDetected:CONFIRMED_VULNERABILITY)
Find scans where detections of the scan are of either POTENTIAL_VULNERABILITY or SENSITIVE_CONTENT type
scan.findings:(typeDetected:[POTENTIAL_VULNERABILITY, SENSITIVE_CONTENT])
scan.findings.urlscan.findings.url
Examples
Find scans with a part of the given URL associated with the scan detections
scan.findings:(url:"https://www.qualys.com")
Find scans with the given URL associated with the scan detections
scan.findings:(url:`https://www.qualys.com`)
scan.findings.uuidscan.findings.uuid
Example
Find scans with given scan's detection uuid
scan.findings:(uuid:`17eeec0b2-abf4-4d7b-877a-13146ddadccf`)
scan.findings.idscan.findings.id
Example
Find scans with given scan's detection id
scan.findings:(id:`123`)
scan.findings.vulnerability.idscan.findings.vulnerability.id
Example
Find scans with given local reference of the finding as provided in the scan result
scan.findings:(vulnerability.id:123)