Vulnerabilities Query Filters

This document provides details on the filters supported by each provider for each API operation. Filters can be used to restrict the results of an API operation, such as filtering by a specific field or value.

They are used in conjunction with the filter query parameter in the API request.

CrowdStrike Spotlight filters for `query_assets`

Field	Operators	Supported Values
device.hostname	eq	string
device.ip	eq	string
device.last_seen_time	gte	datetime
device.mac	eq	string

Nucleus Vulnerability Management filters for `query_assets`

Field	Operators	Supported Values
device.hostname	eq	string
device.ip	eq	string

Qualys VMDR filters for `query_assets`

Field	Operators	Supported Values
device.hostname	eq	string
device.ip	eq	string
device.last_seen_time	gte	datetime
device.mac	eq	string

Rapid7 InsightVM Cloud filters for `query_assets`

Field	Operators	Supported Values
device.hostname	eq	string
device.ip	eq	string
device.last_seen_time	gte	datetime
device.mac	eq	string

Tanium Vulnerability Management filters for `query_assets`

Field	Operators	Supported Values
device.hostname	eq	string
device.ip	eq	string
device.last_seen_time	gte	datetime
device.mac	eq	string

Tenable Vulnerability Management filters for `query_assets`

Field	Operators	Supported Values
device.hostname	eq	string
device.ip	eq	string
device.last_seen_time	gte	datetime
device.mac	eq	string

CrowdStrike Spotlight filters for `query_findings`

Field	Operators	Supported Values
finding.first_seen_time	gte	datetime
finding.last_seen_time	gte	datetime
severity	eq, in	critical, high, medium, low, info

Nucleus Vulnerability Management filters for `query_findings`

Field	Operators	Supported Values
severity	eq	critical, high, medium, low, info

Qualys VMDR filters for `query_findings`

Field	Operators	Supported Values
finding.first_seen_time	gte	datetime
finding.last_seen_time	gte	datetime
severity	eq, in	critical, high, medium, low, info

Rapid7 InsightVM Cloud filters for `query_findings`

Field	Operators	Supported Values
finding.first_seen_time	gte	datetime
finding.last_seen_time	gte	datetime
severity	eq, in	critical, high, medium, low, info

Tanium Vulnerability Management filters for `query_findings`

Field	Operators	Supported Values
finding.first_seen_time	gte	datetime
finding.last_seen_time	gte	datetime
severity	eq, in	critical, high, medium, low, info

Tenable Vulnerability Management filters for `query_findings`

Field	Operators	Supported Values
finding.first_seen_time	gte	datetime
finding.last_seen_time	gte	datetime
severity	eq, in	critical, high, medium, low, info

Vulnerabilities Query Filters

CrowdStrike Spotlight filters for query_assets

Nucleus Vulnerability Management filters for query_assets

Qualys VMDR filters for query_assets

Rapid7 InsightVM Cloud filters for query_assets

Tanium Vulnerability Management filters for query_assets

Tenable Vulnerability Management filters for query_assets

CrowdStrike Spotlight filters for query_findings

Nucleus Vulnerability Management filters for query_findings

Qualys VMDR filters for query_findings

Rapid7 InsightVM Cloud filters for query_findings

Tanium Vulnerability Management filters for query_findings

Tenable Vulnerability Management filters for query_findings

Was this helpful?