Search Tokens for EDR

You can use search tokens to search for information in the respective tabs on the UI.

Events Search Tokens

Incidents Search Tokens

User Activity Search Tokens

Search Actions

Using our Search Query menu search action menu options, you can view the frequently-used QQL queries, save, and manage them with ease. You can create widgets from frequently used queries for easy reference in future. Looking for the different actions on the search queries, see  Search Actions.

Qualys Query Language

Qualys Query Language (QQL) is the easiest and the most powerful tool to search and access data. Start by creating queries to narrow down your search results to fetch information about various aspects of Endpoint Detection and Response.

Refer to these quick links to help topics in our QQL documentation to know how to form QQL queries.

I'm new to QQL, tell me the basics

User Interface Elements | Components of a Query | QQL Syntax | How to Search

I know the basics, tell me more

QQL Best Practices | Maximum Query Depth | Nested Queries