Vulnerabilities Query Filters
Copy for LLM
Copy page as Markdown for LLMs
View as Markdown
Open this page as Markdown
Open in ChatGPT
Get insights from ChatGPT
Open in Claude
Get insights from Claude

This document provides details on the filters supported by each provider for each API operation. Filters can be used to restrict the results of an API operation, such as filtering by a specific field or value.

They are used in conjunction with the filter query parameter in the API request.

CrowdStrike Falcon® Spotlight filters for `query_assets`

Field	Operators	Supported Values
device.hostname	eq	string
device.ip	eq	string
device.last_seen_time	gte, lte	datetime
device.mac	eq	string

Nucleus VM filters for `query_assets`

Field	Operators	Supported Values
device.hostname	eq	string
device.ip	eq	string

Qualys VMDR filters for `query_assets`

Field	Operators	Supported Values
device.hostname	eq	string
device.ip	eq	string
device.last_seen_time	gte	datetime
device.mac	eq	string

Rapid7 InsightVM filters for `query_assets`

Field	Operators	Supported Values
device.hostname	eq, in	string
device.ip	eq, in	string
device.last_seen_time	gte	datetime
device.mac	eq, in	string

ServiceNow Vulnerability Response filters for `query_assets`

Field	Operators	Supported Values
device.hostname	eq	string
device.ip	eq	string
device.last_seen_time	gte	datetime
device.mac	eq	string
device.name	eq	string

Tanium VM filters for `query_assets`

Field	Operators	Supported Values
device.hostname	eq	string
device.ip	eq	string
device.last_seen_time	gte	datetime
device.mac	eq	string

Tenable VM filters for `query_assets`

Field	Operators	Supported Values
device.hostname	eq	string
device.ip	eq	string
device.last_seen_time	gte	datetime
device.mac	eq	string

[MOCK] Qualys VMDR filters for `query_assets`

Field	Operators	Supported Values
device.hostname	eq	string
device.ip	eq	string
device.last_seen_time	gte	datetime
device.mac	eq	string

[MOCK] Rapid7 InsightVM Cloud filters for `query_assets`

Field	Operators	Supported Values
device.hostname	eq, in	string
device.ip	eq, in	string
device.last_seen_time	gte	datetime
device.mac	eq, in	string

[MOCK] Tanium Vulnerability Management filters for `query_assets`

Field	Operators	Supported Values
device.hostname	eq	string
device.ip	eq	string
device.last_seen_time	gte	datetime
device.mac	eq	string

[Mock] CrowdStrike Falcon® Spotlight filters for `query_assets`

Field	Operators	Supported Values
device.hostname	eq	string
device.ip	eq	string
device.last_seen_time	gte, lte	datetime
device.mac	eq	string

CrowdStrike Falcon® Spotlight filters for `query_findings`

Field	Operators	Supported Values
finding.first_seen_time	gte, lte	datetime
finding.last_seen_time	gte, lte	datetime
severity	eq, in	critical, high, medium, low, info

Nucleus VM filters for `query_findings`

Field	Operators	Supported Values
severity	eq	critical, high, medium, low, info

Qualys VMDR filters for `query_findings`

Field	Operators	Supported Values
finding.first_seen_time	gte, lte	datetime
finding.last_seen_time	gte, lte	datetime
severity	eq, in	critical, high, medium, low, info

Rapid7 InsightVM filters for `query_findings`

Field	Operators	Supported Values
finding.first_seen_time	gte, lte	datetime
finding.last_seen_time	gte, lte	datetime
severity	eq, in	critical, high, medium, low, info

ServiceNow Vulnerability Response filters for `query_findings`

Field	Operators	Supported Values
finding.first_seen_time	gte, lte	datetime
finding.last_seen_time	gte, lte	datetime
severity	eq, in	critical, high, medium, low, info

Tanium VM filters for `query_findings`

Field	Operators	Supported Values
finding.first_seen_time	gte, lte	datetime
finding.last_seen_time	gte, lte	datetime
severity	eq, in	critical, high, medium, low, info

Tenable VM filters for `query_findings`

Field	Operators	Supported Values
finding.first_seen_time	gte	datetime
finding.last_seen_time	gte	datetime
severity	eq, in	critical, high, medium, low, info

[MOCK] Qualys VMDR filters for `query_findings`

Field	Operators	Supported Values
finding.first_seen_time	gte, lte	datetime
finding.last_seen_time	gte, lte	datetime
severity	eq, in	critical, high, medium, low, info

[MOCK] Rapid7 InsightVM Cloud filters for `query_findings`

Field	Operators	Supported Values
finding.first_seen_time	gte, lte	datetime
finding.last_seen_time	gte, lte	datetime
severity	eq, in	critical, high, medium, low, info

[MOCK] Tanium Vulnerability Management filters for `query_findings`

Field	Operators	Supported Values
finding.first_seen_time	gte, lte	datetime
finding.last_seen_time	gte, lte	datetime
severity	eq, in	critical, high, medium, low, info

[Mock] CrowdStrike Falcon® Spotlight filters for `query_findings`

Field	Operators	Supported Values
finding.first_seen_time	gte, lte	datetime
finding.last_seen_time	gte, lte	datetime
severity	eq, in	critical, high, medium, low, info

Vulnerabilities Query FiltersCopyCopy for LLMCopy page as Markdown for LLMsView as MarkdownOpen this page as MarkdownOpen in ChatGPTGet insights from ChatGPTOpen in ClaudeGet insights from Claude

CrowdStrike Falcon® Spotlight filters for query_assets

Nucleus VM filters for query_assets

Qualys VMDR filters for query_assets

Rapid7 InsightVM filters for query_assets

ServiceNow Vulnerability Response filters for query_assets

Tanium VM filters for query_assets

Tenable VM filters for query_assets

[MOCK] Qualys VMDR filters for query_assets

[MOCK] Rapid7 InsightVM Cloud filters for query_assets

[MOCK] Tanium Vulnerability Management filters for query_assets

[Mock] CrowdStrike Falcon® Spotlight filters for query_assets

CrowdStrike Falcon® Spotlight filters for query_findings

Nucleus VM filters for query_findings

Qualys VMDR filters for query_findings

Rapid7 InsightVM filters for query_findings

ServiceNow Vulnerability Response filters for query_findings

Tanium VM filters for query_findings

Tenable VM filters for query_findings

[MOCK] Qualys VMDR filters for query_findings

[MOCK] Rapid7 InsightVM Cloud filters for query_findings

[MOCK] Tanium Vulnerability Management filters for query_findings

[Mock] CrowdStrike Falcon® Spotlight filters for query_findings

Was this helpful?