Vulnerabilities Query Filters

This document provides details on the filters supported by each provider for each API operation. Filters can be used to restrict the results of an API operation, such as filtering by a specific field or value.

They are used in conjunction with the filter query parameter in the API request.

CrowdStrike Falcon® Spotlight filters for `query_assets`

Field	Operators	Supported Values
device.hostname	eq	string
device.ip	eq	string
device.last_seen_time	gte	datetime
device.mac	eq	string

Nucleus VM filters for `query_assets`

Field	Operators	Supported Values
device.hostname	eq	string
device.ip	eq	string

Qualys VMDR filters for `query_assets`

Field	Operators	Supported Values
device.hostname	eq	string
device.ip	eq	string
device.last_seen_time	gte	datetime
device.mac	eq	string

Rapid7 InsightVM filters for `query_assets`

Field	Operators	Supported Values
device.hostname	eq, in	string
device.ip	eq, in	string
device.last_seen_time	gte	datetime
device.mac	eq, in	string

Tanium VM filters for `query_assets`

Field	Operators	Supported Values
device.hostname	eq	string
device.ip	eq	string
device.last_seen_time	gte	datetime
device.mac	eq	string

Tenable VM filters for `query_assets`

Field	Operators	Supported Values
device.hostname	eq	string
device.ip	eq	string
device.last_seen_time	gte	datetime
device.mac	eq	string

[MOCK] Qualys VMDR filters for `query_assets`

Field	Operators	Supported Values

[MOCK] Rapid7 InsightVM Cloud filters for `query_assets`

Field	Operators	Supported Values

[MOCK] Tanium Vulnerability Management filters for `query_assets`

Field	Operators	Supported Values

CrowdStrike Falcon® Spotlight filters for `query_findings`

Field	Operators	Supported Values
finding.first_seen_time	gte	datetime
finding.last_seen_time	gte	datetime
severity	eq, in	critical, high, medium, low, info

Nucleus VM filters for `query_findings`

Field	Operators	Supported Values
severity	eq	critical, high, medium, low, info

Qualys VMDR filters for `query_findings`

Field	Operators	Supported Values
finding.first_seen_time	gte, lte	datetime
finding.last_seen_time	gte, lte	datetime
severity	eq, in	critical, high, medium, low, info

Rapid7 InsightVM filters for `query_findings`

Field	Operators	Supported Values
finding.first_seen_time	gte, lte	datetime
finding.last_seen_time	gte, lte	datetime
severity	eq, in	critical, high, medium, low, info

Tanium VM filters for `query_findings`

Field	Operators	Supported Values
finding.first_seen_time	gte, lte	datetime
finding.last_seen_time	gte, lte	datetime
severity	eq, in	critical, high, medium, low, info

Tenable VM filters for `query_findings`

Field	Operators	Supported Values
finding.first_seen_time	gte	datetime
finding.last_seen_time	gte	datetime
severity	eq, in	critical, high, medium, low, info

[MOCK] Qualys VMDR filters for `query_findings`

Field	Operators	Supported Values

[MOCK] Rapid7 InsightVM Cloud filters for `query_findings`

Field	Operators	Supported Values

[MOCK] Tanium Vulnerability Management filters for `query_findings`

Field	Operators	Supported Values

Vulnerabilities Query Filters

CrowdStrike Falcon® Spotlight filters for query_assets

Nucleus VM filters for query_assets

Qualys VMDR filters for query_assets

Rapid7 InsightVM filters for query_assets

Tanium VM filters for query_assets

Tenable VM filters for query_assets

[MOCK] Qualys VMDR filters for query_assets

[MOCK] Rapid7 InsightVM Cloud filters for query_assets

[MOCK] Tanium Vulnerability Management filters for query_assets

CrowdStrike Falcon® Spotlight filters for query_findings

Nucleus VM filters for query_findings

Qualys VMDR filters for query_findings

Rapid7 InsightVM filters for query_findings

Tanium VM filters for query_findings

Tenable VM filters for query_findings

[MOCK] Qualys VMDR filters for query_findings

[MOCK] Rapid7 InsightVM Cloud filters for query_findings

[MOCK] Tanium Vulnerability Management filters for query_findings

Was this helpful?