You can use the search tokens available in the Scan List tab and refine your search results. Click each token to learn more about it.
Generic | Scan List | Applications
Example
Find web applications with certain scan status and tag
webapp.lastScanStatus:"SUBMITTED" AND webapp.tags.name: "MS WAS 1000 Webapp"
Example
Show web applications that don't have last scan status as CANCELED
NOT webapp.lastScanStatus:"CANCELED"
Example
Show findings with one of these id values
vulnerability.id:3758394 OR vulnerability.id:3495166
Use these search tokens to find scan list.
scan.authenticationRecord.namescan.authenticationRecord.name
Examples
Find scans with the authentication record that contains part of the given name
scan.authenticationRecord.name: "Test"
Find scans with the given authentication record name
scan.authenticationRecord.name: `Test`
scan.authStatusscan.authStatus
Example
Find scans with specified authentication status type
scan.authStatus:NOT_USED
scan.cancelledBy.firstNamescan.cancelledBy.firstName
Example
Find scans that are canceled by the user whose first name is Chandler
scan.cancelledBy.firstName: Chandler
scan.cancelledBy.lastNamescan.cancelledBy.lastName
Example
Find scans that are canceled by the user whose last name is Bing
scan.cancelledBy.lastName: Bing
scan.cancelledBy.usernamescan.cancelledBy.username
Example
Find scans that are canceled by the user whose username is quays_pp
scan.cancelledBy.username: quays_pp
scan.cancelModescan.cancelMode
Example
Find scans canceled by the user, that is, cancel mode as USER
scan.cancelMode:USER
Example
Find the scans with scan category as MULTI
scan.category: "MULTI"
scan.dnsOverride.namescan.dnsOverride.name
Examples
Find scans that contain part of the given DNS override record name
scan.dnsOverride.name:"Test"
Find scans with the given DNS override record name
scan.dnsOverride.name:`Test`
Examples
Find scans that ended in past 6 months
scan.endDate:[now-6M .. now]
Find scans that ended on specified date
scan.endDate: "2020-03-20"
Find scans that ended after a specified date
scan.endDate >"2020-03-20"
Find scans that ended between March 2020 to Dec 2020
scan.endDate:[2020-03-01 .. 2020-12-31]
scan.scanTrustEnabledscan.scanTrustEnabled
Examples
Find scans for which the scan trust option is enabled
scan.scanTrustEnabled: true
Find scans for which the scan trust option is disabled
scan.scanTrustEnabled: false
scan.excludedQidsscan.excludedQids
Example
Find scans with given QID excluded
scan.excludedQids:150124
Example
Find the scan with the given ID
scan.id: 9725
Example
Find scans that have Information Gathered detections count as 10
scan.igCount:10
scan.inScopeQidsscan.inScopeQids
Use an integer value to find scans with given QIDs in the scan scope.
Example
Find scans with given QIDs in scan scope
scan.inScopeQids:150124
scan.launchedBy.firstNamescan.launchedBy.firstName
Example
Find scans that are launched by the user whose first name is Chandler
scan.launchedBy.firstName: Chandler
scan.launchedBy.lastNamescan.launchedBy.lastName
Example
Find scans that are launched by the user whose last name is Bing
scan.launchedBy.lastName: Bing
scan.launchedBy.usernamescan.launchedBy.username
Example
Select scans which updated by the user whose username is quays_pp
scan.launchedBy.username: quays_pp
scan.linksCrawledscan.linksCrawled
Example
Find scan with given links crawled count
scan.linksCrawled:100
scan.level1VulnCountscan.level1VulnCount
Example
Find scans with given level 1 vulnerability count
scan.level1VulnCount:100
scan.level2VulnCountscan.level2VulnCount
Example
Find scans with given level 2 vulnerability count
scan.level2VulnCount:100
scan.level3VulnCountscan.level3VulnCount
Example
Find scans with given level 3 vulnerability count
scan.level3VulnCount:100
scan.level4VulnCountscan.level4VulnCount
Example
Find scans with given level 4 vulnerability count
scan.level4VulnCount:100
scan.level5VulnCountscan.level5VulnCount
Example
Find scans with given level 5 vulnerability count
scan.level5VulnCount:100
Example
Find scans with specified scan mode
scan.mode:On-Demand API
Examples
Find scans that contain a part of the given name
scan.name:"TestScan"
Find scans with the given name
scan.name:`TestScan`
scan.optionProfile.namescan.optionProfile.name
Examples
Find scans that contain part of the given option profile name
scan.optionProfile.name:"TestScan"
Find scans with the given option profile name
scan.optionProfile.name:`TestScan`
scan.parent.namescan.parent.name
Examples
Find slice (child) scans that contain part of the given parent scan name
scan.parent.name:"TestScan"
Find slice (child) scans with the given parent scan name
scan.parent.name:`TestScan`
scan.progressiveScanningEnabledscan.progressiveScanningEnabled
Examples
Find scans for which progressive scanning is enabled
scan.progressiveScanningEnabled:true
Find scans for which progressive scanning is disabled
scan.progressiveScanningEnabled:false
scan.proxy.namescan.proxy.name
Example
Find scans that contain part of the given proxy name
scan.proxy.name:"TestProxy"
Find scans with the given proxy name
scan.proxy.name:`TestProxy`
scan.scannerAppliance.namescan.scannerAppliance.name
Examples
Find scans that contain a part of the given Scanner Appliance name
scan.scannerAppliance.name:"TestProxy"
Find scans with the given Scanner Appliance name
scan.scannerAppliance.name:`TestProxy`
scan.scannerApplianceTags.namescan.scannerApplianceTags.name
Example
Find scans that contain part of the given tag name added to the scanner appliance
scan.scannerApplianceTags.name:"TestProxy"
Find scans with the given tag name added to the scanner appliance
scan.scannerApplianceTags.name:`TestProxy`
scan.scannerTypescan.scannerType
Example
Find scans the with specified scanner type
scan.scannerType:EXTERNAL
Example
Find scans with given scan reference
scan.reference:`abc`
Example
Find scans with the specified scan type
scan.type:DISCOVERY
scan.schedule.namescan.schedule.name
Examples
Find scans that contain a part of the given scan schedule name
scan.schedule.name:"TestSchedule"
Find scans with the given scan schedule name
scan.schedule.name:`TestSchedule`
Example
Find scans with given risk
scan.risk:4
scan.sensitiveContentCountscan.sensitiveContentCount
Example
Find scans with the given sensitive content count
scan.sensitiveContentCount:40
Example
Find scans with the specified scan severity
scan.severity:MEDIUM
Examples
Find scans that started in past 6 months
scan.startDate:[now-6M .. now]
Find scans that started on specified date
scan.startDate:"2020-03-20"
Find scans that started after a specified date
scan.startDate>"2020-03-20"
Select scans started between March 2020 to Dec 2020
scan.startDate:[2020-03-01 .. 2020-12-31]
Example
Find scans with the specified scan consolidated status
scan.status:FINISHED
scan.target.urlscan.target.url
Examples
Find scans that contain part of the given target url
scan.target.url:"https://www.qualys.com"
Find scans that contain the given target url
scan.target.url:`https://www.qualys.com`
scan.target.asset.namescan.target.asset.name
Examples
Find scans that contain part of the given target web application name
scan.target.asset.name:"assetName"
Find scans that contain the given target web application name
scan.target.asset.name:`assetName`
scan.totalVulnCountscan.totalVulnCount
Example
Find scans with given total vulnerability count
scan.totalVulnCount:50
Example
Find scans that were updated in past 6 months
scan.updated:[now-6M .. now]
Select scans that were updated on specified date
scan.updated:"2020-03-20"
Select scans that were updated after a specified date
scan.updated>"2020-03-20"
Select scans that were updated between March 2020 to Dec 2020
scan.updated:[2020-03-01 .. 2020-12-31]
Example
Find scans with given scan uuid
scan.uuid:`17eeec0b2-abf4-4d7b-877a-13146ddadccf`
scan.findings.criticalityscan.findings.criticality
Example
Find scans with specified detection criticality
scan.findings:(criticality:HIGH )
scan.findings.cvss3Info.baseScorescan.findings.cvss3Info.baseScore
Examples
Find scans with detection's CVSS3 base score greater than 7
scan.findings:(cvss3Info.baseScore >7)
Find scans with detection's CVSS3 base score less than or equal to 7
scan.findings:(cvss3Info.baseScore <=7)
Find scans with detection's CVSS3 base score equal to 7
scan.findings:(cvss3Info.baseScore:7)
scan.findings.cvss3Info.temporalScorescan.findings.cvss3Info.temporalScore
Examples
Find scans with detection's CVSS3 temporal score greater than 7
scan.finding:(cvss3Info.temporalScore>7)
Find scans with detection's CVSS3 temporal score less than or equal to 7
scan.findings:(cvss3Info.temporalScore<= 7)
Find scans with detection's CVSS3 temporal score equal to 7
scan.findings:(cvss3Info.temporalScore:7)
scan.findings.cweIdsscan.findings.cweIds
Example
Find scans with the given CWE ID associated to scan detections
scan.findings:(cweIds:`CWE-56`)
scan.findings.groupNamescan.findings.groupName
Example
Find scans that have given group name associated to scan detections
scan.findings:(groupName:`Cross-Site Scripting`)
scan.findings.groupTitlescan.findings.groupTitle
Example
Find scans that have given group title associated to scan detections
scan.findings:(groupTitle:`XSS`)
scan.findings.titlescan.findings.title
Example
Find scans with the given scan detection's title
scan.findings:(title:`Test Detection`)
scan.findings.owaspTopTen.idscan.findings.owaspTopTen.id
Example
Find scan where scan detection's owaspTopTen2021 category ID is 7
scan.findings:(owaspTopTen.id:7)
The following list provides the ID and corresponding vulnerability name.
1: Broken Access Control
2: Cryptographic Failures
3: Injection
4: Insecure Design
5: Security Misconfiguration
6: Vulnerable and Outdated Components
7: Identification and Authentication Failures
8: Software and Data Integrity Failures
9: Security Logging and Monitoring Failures
10: Server Side Request Forgery (SSRF)
scan.findings.owaspApiTopTen.idscan.findings.owaspApiTopTen.id
Use an integer to find scans with detections with the given OWASP API top ten 2023 category ID.
Example
Find scan where scan detection's owaspApiTopTen2023 category ID is 7
scan.findings:(owaspApiTopTen.id:7)
The following list provides the ID and corresponding vulnerability name.
1: Broken Object Level Authorization
2: Broken Authentication
3: Broken Object Property Level Authorization
4: Unrestricted Resource Consumption
5: Broken Function Level Authorization
6: Unrestricted Access to Sensitive Business Flows
7: Server Side Request Forgery
8: Security Misconfiguration
9: Improper Inventory Management
10: Unsafe Consumption of APIs
scan.findings.owaspTopTen.namescan.findings.owaspTopTen.name
Example
Find scans where scan detection's owaspTopTen2021 category name is "Identification and Authentication Failures"
scan.findings:(owaspTopTen.name:`Identification and Authentication Failures`)
scan.findings.owaspApiTopTen.namescan.findings.owaspApiTopTen.name
Use a text value to find scans with detections with the given OWASP API top ten 2023 category name.
Example
Find scans where scan detection's owaspApiTopTen2023 category name is "Server Side Request Forgery"
scan.findings:(owaspApiTopTen.name:`Server Side Request Forgery`)
scan.findings.paramscan.findings.param
Example
Find scans where the parameter 'comment.comment from url' is used for confirming detection
scan.findings:(param:`comment.comment from url`)
scan.findings.paramTypescan.findings.paramType
Example
Select scans where parameter type 'cookie' is used for confirming detection
scan.findings:(paramType:`Cookie`)
scan.findings.qidscan.findings.qid
Use an integer to find scans with the scan's detection reported with the given qid.
Examples
Find scans with scan detection reported with the given qid
scan.findings:(qid: 150001)
Find scans with either of the scan detections qid from list
scan.findings:(qid:[150001, 150100, 150009])
scan.findings.severityscan.findings.severity
Examples
Find scans with scan detection's severity greater than 3
scan.findings:(severity>3)
Find scans with scan detection's severity less than or equal to 3
scan.findings:(severity<=3)
Select scans with scan detection's severity 3
scan.findings:(severity:3)
scan.findings.originalSeverityscan.findings.originalSeverity
Examples
Select scans with scan detection's original severity greater than 3
scan.findings:(originalSeverity>3)
Select scans with scan detection's original severity less than or equal to 3
scan.findings:(originalSeverity<=3)
Select scans with scan detection's original severity 3
scan.findings:(originalSeverity:3)
scan.findings.typeDetectedscan.findings.typeDetected
Examples
Find scans where detections of the scan are of CONFIRMED_VULNERABILITY type
scan.findings:(typeDetected:CONFIRMED_VULNERABILITY)
Find scans where detections of the scan are of either POTENTIAL_VULNERABILITY or SENSITIVE_CONTENT type
scan.findings:(typeDetected:[POTENTIAL_VULNERABILITY, SENSITIVE_CONTENT])
scan.findings.urlscan.findings.url
Examples
Find scans with a part of the given URL associated with the scan detections
scan.findings:(url:"https://www.qualys.com")
Find scans with the given URL associated with the scan detections
scan.findings:(url:`https://www.qualys.com`)
scan.findings.uuidscan.findings.uuid
Example
Find scans with given scan's detection uuid
scan.findings:(uuid:`17eeec0b2-abf4-4d7b-877a-13146ddadccf`)
scan.findings.idscan.findings.id
Example
Find scans with given scan's detection id
scan.findings:(id:`123`)
scan.findings.vulnerability.idscan.findings.vulnerability.id
Example
Find scans with given local reference of the finding as provided in the scan result
scan.findings:(vulnerability.id:123)
Use these search tokens to find web applications.
application.activatedForModulesapplication.activatedForModules
Use a text value ##### to find web applications that are activated for certain modules: WAS and WAF.
Examples
Find web applications activated for WAF.
application.activatedForModules:WAF
Find web applications which are activated for WAS or WAF modules.
application.activatedForModules:[WAS, WAF]
application.apiEndpointTypeapplication.apiEndpointType
Use a text value ##### to find applications that have certain endpoint types: BURP_PROXY, POSTMAN, SWAGGER, NONE.
Example
Find applications that have endpoint type as POSTMAN.
application.apiEndpointType:POSTMAN
application.attribute.nameapplication.attribute.name
Use values within quotes or backticks to find applications that have the given attribute name.
Examples
Find applications which have attribute name strut associated with it
application.attribute:(name:"strut")
Find applications which have attribute name strut and value 1.0.0
application.attribute:(name:"strut" and
value:"1.0.0")
application.attribute.valueapplication.attribute.value
Use values within quotes or backticks to find applications that have the given attribute value.
Examples
Find applications which have attribute value internal associated with it
application.attribute:(value:"internal")
Find applications which have attribute value internal and name app-type
application.attribute:(value:"internal" and
name:"app-type")
application.authenticationRecord.nameapplication.authenticationRecord.name
Use values within quotes or backticks to find applications that have authentication record with a given name.
Example
Find applications which have authentication record named Default Auth Record associated with it.
application.authenticationRecord:(name:"Default
Auth Record")
application.authenticationRecord.typeapplication.authenticationRecord.type
Use a text value ##### to find applications that have authentication records of certain types: AUTH_CODE, BASIC, CERTIFICATE, CLIENT_CREDS, CUSTOM, DIGEST, IMPLICIT, NTLM, PASSWORD, SELENIUM, STANDARD.
Examples
Find applications that have STANDARD type of authentication records associated with it.
application.authenticationRecord:(type:STANDARD)
Find applications with authentication record types as STANDARD, SELENIUM, or NTLM.
application.authenticationRecord:(type:[STANDARD, SELENIUM, NTLM])
application.authenticationRecord.categoryapplication.authenticationRecord.category
Use a text value ##### to find applications that have authentication records with certain categories: FORM_RECORD, OAUTH2_RECORD, SERVER_RECORD.
Example
Find applications that have authentication record category as FORM_RECORD.
application.authenticationRecord:(category:FORM_RECORD)
Use the values true | false to find applications that have authentication record(s) with client certificate enabled.
Examples
Find applications that have authentication record(s) with client certificate enabled
application.authenticationRecord:(hasClientCertificate:true)
Find a application(s) that has client certificate enabled for none of its authentication records
application.authenticationRecord:(hasClientCertificate:false)
application.authenticationRecord.hasVaultapplication.authenticationRecord.hasVault
Use the values true | false to find applications that have vault enabled.
Examples
Find a application(s) that has vault enabled for at least one of its authentication records
application.authenticationRecord:(hasVault:true)
Find a application(s) that has vault enabled for none of its authentication records
application.authenticationRecord:(hasVault:false)
Use a date range or specific date to find applications that were created on the given date or date range.
Examples
Show applications which were created in past 6 months
asset.created:[now-6M
... now]
Show applications which were created on a specified date
asset.created:"2021-07-20"
Show applications which were created after a specified date
asset.created>"2021-06-20"
Show applications created between March 2020 to July 2021
asset.created:[2020-03-01 .. 2021-7-31]
application.dnsOverride.nameapplication.dnsOverride.name
Use values within quotes or backticks to find applications that have given name for DNS override record.
Example
Find applications that have given DNS override record associated with it.
application.dnsOverride.name:"ProdDnsRecord"
application.hasDefaultAuthRecordapplication.hasDefaultAuthRecord
Use the values true | false to find applications that have default authentication record associated with it.
Examples
Find applications which have default authentication record associated with it
application.hasDefaultAuthRecord:true
Find applications which do not have any default authentication record associated with it
application.hasDefaultAuthRecord:false
Use an integer value ##### to find application with a given ID.
Example
Find application with a given ID
asset.id:83327
application.igCountapplication.igCount
Use an integer value ##### to find applications with a specified numbers of detections for information gathered.
Examples
Find applications for which greater than 30 detections of Information Gathered type are reported
application.igCount>30
Find applications for which less than or equal to 30 detections of Information Gathered type are reported
application.igCount<=30
Find applications for which 30 detections of Information Gathered type are reported
application.igCount=30
application.isScannedapplication.isScanned
Use the values true | false to find applications by their scan status.
Examples
Show applications which are scanned at least once
application.isScanned:true
Show applications which are never scanned
application.isScanned:false
application.lastScanAuthStatusapplication.lastScanAuthStatus
Use a text value ##### to find applications by authentication status of last scan launched: NOT_USED, NO_AUTH, SUCCESS, FAILURE, PARTIAL
Examples
Find applications for which authentication failed in their last scan
application.lastScanAuthStatus:FAILURE
Find applications for which authentication is either partially or completely successful in their last scan
application.lastScanAuthStatus:[SUCCESS, PARTIAL]
application.lastScannedapplication.lastScanned
Use a date range or specific date to find applications that were last scanned on the specified date or date range.
Examples
Find applications which were last scanned in past 6 months
application.lastScanned:[now-6M .. now]
Find applications which were last scanned on a specified date.
application.lastScanned:"2021-07-20"
Find applications which were last scanned after a specified date
application.lastScanned>"2021-07-20"
Find applications last scanned between December 2020 to July 2021
application.lastScanned:[2020-12-01 .. 2021-07-31]
application.lastScanStatusapplication.lastScanStatus
Use a text value ##### to find applications by last scan status: CANCELED, CANCELED WITH RESULTS, CANCELING, ERROR, FINISHED, NO HOST ALIVE, NO WEB SERVICE, PROCESSING, RUNNING, SCAN NOT LAUNCHED, SCANNER NOT AVAILABLE, SERVICE ERRORS DETECTED, SUBMITTED, TIME LIMIT EXCEEDED, TIME LIMIT REACHED.
Note: Use the single quotation marks for the values containing reserver characters - NOT. For example, 'SCANNER NOT LAUNCHED'.
Examples
Find applications whose last scan status was ERROR
application.lastScanStatus:ERROR
Find applications whose last scan status was SCAN NOT LAUNCHED
application.lastScanStatus:'SCAN NOT LAUNCHED'
Find applications whose last scan status was either FINISHED or CANCELED
application.lastScanStatus:[FINISHED, CANCELED]
application.lastScanTypeapplication.lastScanType
Use a text value ##### to find applications by type of last scan launched: VULNERABILITY, DISCOVERY, AUTHENTICATION_TEST.
Examples
Show applications whose last scan type was VULNERABILITY
application.lastScanType:VULNERABILITY
Show applications whose last scan type was either DISCOVERY OR AUTHENTICATION_TEST
application.lastScanType:[DISCOVERY, AUTHENTICATION_TEST]
application.lastScanUriCountapplication.lastScanUriCount
Use an integer value ##### to find applications by total number of URI detected in the last scan.
Examples
Find applications which have greater than 800 URI reported in the last scan.
application.lastScanUriCount>800
Find applications which have less than or equal to 800 URI reported in the last scan
application.lastScanUriCount<=800
Find applications which have 800 URI reported in the last scan
application.lastScanUriCount:800
application.level1VulnCountapplication.level1VulnCount
Use an integer value ##### to find applications by total number level 1 confirmed vulnerabilities .
Examples
Find applications which have greater than 30 vulnerabilities of level 1 reported
application.level1VulnCount>30
Find applications which have less than or equal to 30 vulnerabilities of level 1 reported
application.level1VulnCount<=30
Find applications which have 30 vulnerabilities of level 1 reported
application.level1VulnCount:30
application.level2VulnCountapplication.level2VulnCount
Use an integer value ##### to find applications by total number level 2 confirmed vulnerabilities .
Examples
Find applications which have greater than 26 vulnerabilities of level 2 reported
application.level2VulnCount>26
Find applications which have less than or equal to 26 vulnerabilities of level 2 reported
application.level2VulnCount<=26
Find applications which have 26 vulnerabilities of level 2 reported
application.level2VulnCount:26
application.level3VulnCountapplication.level3VulnCount
Use an integer value ##### to find applications by total number level 3 confirmed vulnerabilities.
Examples
Find applications which have greater than 24 vulnerabilities of level 3 reported
application.level3VulnCount>24
Find applications which have less than or equal to 24 vulnerabilities of level 3 reported
application.level3VulnCount<=24
Find applications which have 24 vulnerabilities of level 3 reported
application.level3VulnCount:24
application.level4VulnCountapplication.level4VulnCount
Use an integer value ##### to find applications by total number level 4 confirmed vulnerabilities .
Examples
Find applications which have greater than 14 vulnerabilities of level 4 reported
application.level4VulnCount>14
Find applications which have less than or equal to 14 vulnerabilities of level 4 reported
application.level4VulnCount<=14
Find applications which have 14 vulnerabilities of level 4 reported
application.level4VulnCount:14
application.level5VulnCountapplication.level5VulnCount
Use an integer value ##### to find applications by total number level 5 confirmed vulnerabilities .
Examples
Find applications which have greater than 7 vulnerabilities of level 5 reported
application.level5VulnCount>7
Find applications which have less than or equal to 7 vulnerabilities of level 5 reported
application.level5VulnCount<=7
Find applications which have 7 vulnerabilities of level 5 reported
application.level5VulnCount:7
application.malwareMonitoringEnabledapplication.malwareMonitoringEnabled
Use the values true | false to find applications for which malware monitoring is enabled.
Examples
Show applications for which malware monitoring is enabled
application.malwareMonitoringEnabled:true
Show applications for which malware monitoring is not enabled
application.malwareMonitoringEnabled:false
Use values within quotes or backticks to find applications with a given name.
Examples
Find applications that contain parts of name
asset.name:"qualys test vulnerable app"
Find application with exact name
asset.name:`qualys test vulnerable app`
application.optionProfile.nameapplication.optionProfile.name
Use values within quotes or backticks to find applications that have given option profile configured.
Examples
Find applications that contain parts of option profile name associated with it.
application.optionProfile.name:"WAS Options"
Find applications which have the given option profile associated with it.
application.optionProfile.name:`Initial WAS Options`
application.owner.firstNameapplication.owner.firstName
Use values within quotes or backticks to find applications with owner's first name.
Example
Find applications with owner's first name as Chandler
application.owner.firstName:"Chandler"
application.owner.lastNameapplication.owner.lastName
Use values within quotes or backticks to find applications with owner's last name.
Example
Find applications with owner's last name as Chandler
application.owner.lastName:"Bing"
application.owner.usernameapplication.owner.username
Use values within quotes or backticks to find applications with owner's username.
Example
Find applications with owner's username as user_ap
application.owner.username:"user_ap"
application.progressiveScanningEnabledapplication.progressiveScanningEnabled
Use the values true | false to find applications for which progressive scanning is enabled.
Example
Find applications which have progressive scanning enabled in the configuration.
application.progressiveScanningEnabled:"true"
application.proxy.nameapplication.proxy.name
Use values within quotes or backticks to find applications that have given proxy configured.
Examples
Find applications which have given part of the given proxy name associated with it
application.proxy.name:"WEB Default Proxy"
Find applications which have given proxy associated with it
application.proxy.name:`proxy1`
application.riskapplication.risk
Use an integer value ##### to find applications with a given risk value.
Examples
Find applications which have risk greater than or equal to 4
application.risk>=4
Find applications which have risk less than 3
application.risk<3
Find applications which have risk equal to 5
application.risk:5
application.scannerApplianceapplication.scannerAppliance
Examples
Find applications which have EXTENRAL scanner configured
application.scannerAppliance:"EXTERNAL"
Find applications which have configured "Internal Scanner 01" as default scanner appliance
application.scannerAppliance:"Internal Scanner
01"
application.scannerApplianceTags.nameapplication.scannerApplianceTags.name
Use values within quotes or backticks to find applications with a given scanner tags selected.
Examples
Find applications which have scanner appliance tag named "Internal Pool 01" associated with it
application.scannerApplianceTags.name:"Internal Pool 01"
Find applications which have scanner appliance tags named "Internal Pool 01" or "Internal Pool 02" associated with it
application.scannerApplianceTags.name:["Internal Pool 01", "Internal Pool 02"]
Find applications which have scanner appliance tags named `Target` associated with it
application.scannerApplianceTags.name:`Target1'
application.scanTrustEnabledapplication.scanTrustEnabled
Use the values true | false to find applications for which WAF authentication is enabled.
Example
Find applications for which scan trust is enabled.
application.scanTrustEnabled:"true"
application.sensitiveContentCountapplication.sensitiveContentCount
Examples
Find applications which have greater than 43 total sensitive content reported
application.sensitiveContentCount>43
Find applications which have less than or equal to 43 total sensitive content reported
application.sensitiveContentCount<=43
Find applications which have 43 total sensitive content reported
application.sensitiveContentCount:43
application.severityapplication.severity
Use a text value ##### to find applications that have certain severity: HIGH, MEDIUM, LOW, NONE.
Examples
Find applications which have HIGH severity
application.severity:HIGH
Find applications which have HIGH or MEDIUM severity
application.severity:[HIGH, MEDIUM]
application.totalVulnCountapplication.totalVulnCount
Use an integer value ##### to find applications that have specified number of total vulnerabilities.
Examples
Find applications for which total number of vulnerabilities is greater than 100
application.totalVulnCount>100
Find applications for which total number of vulnerabilities is less than or equal to 100
application.totalVulnCount<=100
Find applications applications for which total number of vulnerabilities reported is 100
application.totalVulnCount:100
application.totalMalwareVulnCountapplication.totalMalwareVulnCount
Use an integer value ##### to find applications that have specified number of total malware vulnerabilities.
Examples
Find applications for which total number of malware vulnerabilities is greater than 100
application.totalMalwareVulnCount>100
Find applications for which total number of malware vulnerabilities is less than or equal to 100
application.totalMalwareVulnCount<=100
Find applications applications for which total number of malware vulnerabilities reported is 100
application.totalMalwareVulnCount:100
Use a date range or specific date to find applications that were updated on the given date or date range.
Examples
Show applications which were updated in past 6 months
asset.updated:[now-6M
... now]
Show applications which were updated on a specified date
asset.updated:"2021-07-20"
Show applications which were updated after a specified date
asset.updated>"2021-06-20"
Show applications updated between March 2020 to July 2021
asset.updated:[2020-03-01 .. 2021-07-31]
asset.updatedBy.firstNameasset.updatedBy.firstName
Example
Find applications which are updated by the user whose first name is Chandler
asset.updatedBy.firstName:"Chandler"
asset.updatedBy.lastNameasset.updatedBy.lastName
Example
Find applications which are updated by the user whose last name is Bing
asset.updatedBy.lastName:"Bing"
asset.updatedBy.usernameasset.updatedBy.username
Example
Find applications which are updated by user whose username is user_ap
asset.updatedBy.username:"user_ap"
application.urlapplication.url
Examples
Find applications that have given URL
application.url:"http://test.com"
Find applications that match exact value "http://test.com"
application.url:`http://test.com`
Use values within quotes or backticks to find applications with the specified UUID.
Example
Find applications with a given UUID
asset.uuid:"17eeec0b2-abf4-4d7b-877a-13146ddadccf"
asset.riskScoreasset.riskScore
Examples
Find applications with TruRisk™ score 500
asset.riskScore:500
Find applications with TruRisk™ score greater than 500
asset.riskScore>500
Find applications with TruRisk™ score greater than or equal to 500
asset.riskScore>=500
asset.riskScoreRangeasset.riskScoreRange
Example
Find applications for which TruRisk™ score value is CRITICAL
asset.riskScoreRange:CRITICAL
application.typeapplication.type
Example
Find records that are web applications.
application.type:WEBAPP