All fields below are available with AssetView.
You may also be interested in: AWS EC2 | Microsoft Azure | Google Cloud Platform | Threat Protection
Tip - Click a grouping below like Asset Summary, or Show All for all details.
accounts.usernameShow assets with the username you're interested in. [string - exact match] accounts.username: administrator activatedForModulesShow assets activated for an app (VM, PC, WAS, WAF, FIM, EDR, SCA). Select the name from the drop-down menu. [string - selectable field] activatedForModules:
"VM" connectors.connector.nameShow findings detected by the EC2 connector name you're interested in. [string - full text search] connectors.connector.name: ec2 createdShow assets created within certain date range or on specific date. [date] For an asset scanned by a scanner appliance, this is when the asset is first scanned (specifically when scan processing completes). For an agent host, this is when the agent is installed (specifically when it is provisioned, i.e. first connects to the cloud platform). created: [2015-01-01 .. 2015-06-30] cpuCountShow assets that have some number of CPUs. [integer] cpuCount: 1 hostIdShow the asset assigned a certain Qualys host UUID, assigned by an agent or a scanner appliance when Agentless Tracking is used. [integer] hostId: 2918869 lastComplianceScanDateFind assets scanned for compliance within a date range or on specific date. [date] lastComplianceScanDate: [2017-03-15 .. 2017-04-15] lastComplianceScanDate:'2017-03-11' lastLoggedOnUserShow assets last logged into by a certain user. [string - exact match] lastLoggedOnUser: asmith lastVmScanDateFind assets scanned for vulnerabilities within a date range or on specific date. [date] lastVmScanDate: [2017-02-10 .. now-1s] lastVmScanDate:'2017-04-03' nameShow assets with a certain asset name. Use backticks for exact match. [string - full text search] name: `QW2K12QP3-65-53` netbiosNameFind the asset with a certain NetBIOS name. [string - exact match] netbiosName: VISTASP2-24-208 operatingSystemFind assets with a certain operating system. Use backticks for exact match. [string - full text search] operatingSystem:
"Windows 2012" pendingActivationForModulesShow assets pending activation for an app (VM, PC, WAS, WAF, FIM, IOC, SCA). Select the name from the drop-down menu [string - selectable field] pendingActivationForModules:
"VM" providerShow assets from a certain cloud service provider. Select the name from the drop-down menu. [string - selectable field] provider: "AWS" tags.businessImpactFind assets that have a certain business impact name. Select the name from the drop-down menu. [string - selectable field] tags.businessImpact: "HIGH" tags.nameFind assets that have a certain asset tag name. Use backticks for exact match. [string - full text search]] tags.name: `Cloud Agent` updatedFind assets updated within a date range or on specific date. [date] For an asset scanned by a scanner appliance, this happens every time the asset is re-scanned (specifically when scan processing completes). For an agent host, this happens every time the agent uploads host data to the cloud platform - inventory data and host metadata. updated: [2015-11-30 .. now-1s] |
agentActivations.keyShow agents activated using a certain activation key. [string - exact match] agentActivations.key: key-value agentActivations.statusShow assets based on agent status (ACTIVE or INACTIVE). [string - exact match] agentActivations.status: ACTIVE agentIDShow the asset with a certain agent ID. [string - exact match] agentID: f0c8e682-e9cc-4e7d-b92a-0c905d81ec74 agentVersionShow assets that have agents running a certain agent version. [string - exact match] agentVersion: 1.1.36.0 configurationProfileShow assets that have agents having a certain configuration profile name. Use backticks for exact match. [string - full text search] configurationProfile: `Initial Profile` lastCheckedInShow assets that have agents that last checked in (to the cloud platform) within a certain date range or on specific date. [date] lastCheckedIn: [2015-11-30 .. 2015-12-10] lastFullScanShow assets with last full scan conducted using Cloud Agent (CA) within a certain date range or on specific date. [date] lastFullScan: [now-1M .. now-1s] lastInventoryShow assets with last inventory scan conducted by agents within a certain date range or on specific date. [date] We recommend lastInventoryDate for date range queries using parameters i.e. [now-1M ... now-1s] lastInventory: [2015-12-01.. now-1s] lastInventoryDateShow assets with last inventory scan conducted by agents within a certain date range or on specific date. [date] lastInventoryDate: [2015-12-01.. now-1s] lastInventoryDate: [now-1M ... now-1s] |
hardware.categoryShow assets belonging to a certain category of hardware [string - exact match] hardware.category:Printers/Laser hardware.category1Show assets belonging to hardware category 1 [string - exact match] If you are searching for assets that are laser printers, then category1 is Printers and category2 is Laser. hardware.category1:Printers hardware.category2Show assets belonging to hardware category 2 [string - exact match] If you are searching for assets that are laser printers, then category1 is Printers and category2 is Laser. hardware.category2:Laser hardware.manufacturerShow assets from a certain hardware manufacturer [string - exact match] hardware.manufacturer:`Dell` hardware.modelShow assets of a certain hardware model [string - exact match] hardware.model:`De7470` hardware.productShow assets of a certain hardware product [string - exact match] hardware.product:`Latitude`
|
software.firstFoundFind assets with software first found within a date range or on a specific date. [date] software.firstFound: [2017-03-15 .. 2017-04-15] software.firstFound:'2017-03-11' software.lastUpdatedFind assets with software last updated within a date range or on a specific date. [date] software.lastUpdated: [2017-02-10 .. now-1s] software.lastUpdated:'2017-04-03' sofware.nameShow assets with the certain software name you're interested in. Use backticks for exact match. [string - full text search] software.name: `VMware Tools` software.versionShow assets with the software version you're interested in. [string - exact match] software.version: 8.6.10 |
interfaces.addressShow the asset with IPv4 or IPv6 address. Use single quote around IPv6 address. [string - exact match] interfaces.address:
10.10.100.20 interfaces.dnsAddressFind the asset with the DNS address of interest. [string - exact match] interfaces.dnsAddress: 10.0.100.11interfaces.hostnameShow findings with the hostname you're looking for. [string - full text search] Show any findings related to name Show any findings related to name (we'll match super domains) Show any findings that match exact value Show any findings that match domain name Show any findings starting with string (case sensitive) Show any findings ending with string interfaces.gatewayAddressFind assets with the default gateway address you're looking for. [string - exact match] interfaces.gatewayAddress: 10.11.65.1interfaces.interfaceNameShow the asset with the interface name you're looking for. [string - exact match] interfaces.interfaceName: PRO/1000 interfaces.macAddressShow the asset with the MAC address you're interested in. [string - exact match] interfaces.macAddress: "00-50-56-A9-73-5A" |
operatingSystem.architectureShow assets belonging to a certain operating system architecture [string - exact match] operatingSystem.architecture:64-Bit operatingSystem.categoryShow assets belonging to a certain category of operating system [string - exact match] operatingSystem.category:Windows/Embedded operatingSystem.category1Show assets belonging to operating system category 1 [string - exact match] If you are searching for assets with Windows Embedded operating system, then category1 is Windows and category2 is Embedded. operatingSystem.category1:Windows operatingSystem.category2Show assets belonging to operating system category 2 [string - exact match] If you are searching for assets with Windows Embedded operating system, then category1 is Windows and category2 is Embedded. operatingSystem.category2:Embedded operatingSystem.editionShow assets belonging to a certain operating system edition [string - exact match] operatingSystem.edition:Enterprise operatingSystem.marketVersionShow assets belonging to a certain operating system market version[string - exact match] operatingSystem.marketVersion:7 operatingSystem.nameShow assets belonging to a certain operating system name [string - exact match] operatingSystem.name:Windows 10 operatingSystem.publisherShow assets belonging to a certain operating system publisher [string - exact match] operatingSystem.publisher:Microsoft operatingSystem.updateShow assets belonging to a certain operating system update [string - exact match] operatingSystem.update:SP2 operatingSystem.versionShow assets belonging to a certain operating system version [string - exact match] operatingSystem.version:16.1 |
openPorts.descriptionShow findings with the service description detected on an open port. Use backticks for an exact match. [string - full text search] openPorts.description: `Windows Remote Desktop` openPorts.detectedServiceShow assets with a service name detected on an open port. Use backticks for exact match. [string - full text search] openPorts.detectedService: `win_remote_desktop` openPorts.firstFoundShow findings with open ports first found within a date range or on a specific date. [date] openPorts.firstFound: [2017-03-15 .. 2017-04-15] openPorts.firstFound:'2017-03-11' openPorts.lastUpdatedShow findings with open ports last updated within a date range or on a specific date. [date] openPorts.lastUpdated: [2017-02-10 .. now-1s] openPorts.lastUpdated:'2017-04-03' openPorts.portShow assets with a certain open port number. [integer] openPorts.port: 80 openPorts.protocolShow assets with a certain port protocol (UDP or TCP). [string - exact match] openPorts.protocol:
TCP |
processors.descriptionShow assets with a certain processor description. Use backticks for exact match. [string - full text search] processors.description: `intel` processors.speedShow assets with a certain processor speed. [integer] processors.speed: 1995 |
services.descriptionShow assets with a certain service description. Use backticks for exact match. [string - full text search] services.description: "Windows Event Log" services.nameShow assets with a service name you're interested in. Use backticks for exact match. [string - full text search] services.name: eventlog services.statusFind assets that are running. Use backticks for exact match. [string - full text search] services.status: `running` system.biosDescriptionShow assets with a certain BIOS description. Use backticks for exact match. [string - full text search] system.biosDescription: `Phoenix Technologies` system.lastBootShow assets last booted within a certain date range or on specific date. [date] system.lastBoot: [now-2M .. now-1M] system.manufacturerShow assets with a certain system manufacturer. Use backticks for exact match. [string - full text search] system.manufacturer: `dell` system.modelShow assets with a certain system model name. Use backticks for exact match. [string - full text search] system.model: `optiplex` system.timezoneShow assets with a certain timezone set. [string - exact match] system.timezone: "-08:00" system.totalMemoryShow assets with a certain total system memory. [integer] system.totalMemory: 1024 |
software.architectureShow assets with a certain software architecture [string - exact match] software.architecture:64-Bit software.editionShow assets with a certain software edition [string - exact match] software.edition:Professional software.categoryShow assets with a certain software category [string - exact match] software.category:Application Development/Testing software.category1Show assets with category 1 software [string - exact match] If you are searching for assets having testing software, then category1 is Application Development and category2 is Testing. software.category1:Application Development software.category2Show assets with category 2 software [string - exact match] If you are searching for assets having testing software, then category1 is Application Development and category2 is Testing. software.category2:Testing software.marketVersionShow assets with a certain software market version [string - exact match] software.marketVersion:7 software.nameShow assets with a certain software name [string - full text search] software.name: VMware Tools software.name: "VMware Tools" software.name: `VMware Tools` tags.name: `Cloud Agent` AND software: (name: `Cisco AnyConnect Secure Mobility Client` AND version: `3.1.12345`) software.productShow assets with a certain software product [string - exact match] software.product:Office software.publisherShow assets with software from a certain publisher [string - exact match] software.publisher:Microsoft software.typeShow assets with software of a certain type [string - exact match] software.type:Installer Package software.updateShow assets with a certain software update [string - exact match] software.update:16.0.1.2 software.versionShow assets with a certain software version [string - exact match] software.version:16.0 |
volumes.freeShow assets with a certain amount of free space (MB). [integer] volumes.free: 448312320 volumes.nameShow assets with a certain volume name. [string - exact match] volumes.name: /boot volumes.sizeShow assets with a certain size volume (MB). [integer] volumes.size: 481529856 |
vulnerabilities.typeDetectedShow assets with a certain vulnerability type (e.g. Confirmed, Potential or Information). Select the name from the drop-down menu [string - exact match] vulnerabilities.typeDetected: "Confirmed" vulnerabilities.vulnerability.qidShow findings with a certain vulnerability QID. [integer] vulnerabilities.vulnerability.qid: 90405 vulnerabilities.vulnerability.categoryShow findings with a certain vulnerability category name in the KnowledgeBase (e.g. CGI, Database, DNS and BIND). Select the name from the drop-down menu [string - selectable field] vulnerabilities.vulnerability.category: "CGI" vulnerabilities.vulnerability.riskShow assets with risk rating you're interested in. [integer] For confirmed and potential vulnerabilities risk is 10 times severity level (e.g. 10, 20, 30, 40, 50). For Information Gathered it is severity level (e.g. 1, 2, 3, 4, 5). vulnerabilities.vulnerability.risk: 50 vulnerabilities.severityShow assets with a certain severity level (1-5). Select a value from the drop-down menu [integer] vulnerabilities.severity: "4" vulnerabilities.vulnerability.titleShow assets with a certain vulnerability title. Use backticks for exact match. [string - full text search] vulnerabilities.vulnerability.title: `Remote Code Execution Vulnerability` vulnerabilities.vulnerability.typesShow assets with a certain vulnerability type (e.g. VULNERABILITY, POTENTIAL or INFORMATION). [string - exact match] vulnerabilities.vulnerability.types: "VULNERABILITY" |
vulnerabilities.cvssInfo.accessVectorShow findings with the CVSS access vector name you're interested in (e.g. UNDEFINED, LOCAL_ACCESS, ADJACENT_NETWORK, NETWORK). Select the name from the drop-down menu. [string - selectable field] vulnerabilities.vulnerability.cvssInfo.accessVector: "NETWORK" vulnerabilities.cvssInfo.baseScoreShow findings with the CVSS base score you're interested in. [integer] vulnerabilities.vulnerability.cvssInfo.baseScore: 7.8 vulnerabilities.cvssInfo.temporalScoreShow findings with the CVSS temporal score you're interested in. [integer] vulnerabilities.vulnerability.cvssInfo.temporalScore: 6.4 |
vulnerabilities.firstFoundShow assets with vulnerabilities first found within a certain date range or on specific date. [date] vulnerabilities.firstFound: [2015-01-01 .. 2015-12-31] vulnerabilities.lastFoundShow assets with vulnerabilities last found within a certain date range or on specific date. [date] vulnerabilities.lastFound: [now-10d .. now-5m] vulnerabilities.vulnerability.publishedShow assets with vulnerabilities published (in out KnowledgeBase within a certain date range or on specific date. [date] vulnerabilities.vulnerability.published: [now-6M .. now-1m] vulnerabilities.vulnerability.updatedShow assets with vulnerabilities last updated (in our knowledgeBase) within a certain date range or on specific date. [date] vulnerabilities.vulnerability.updated: [2014-09-30 .. 2015-10-07] |
vulnerabilities.vulnerability.consequenceShow assets with the consequence description you're looking for. Use backticks for exact match. [string - smart search] vulnerabilities.vulnerability.consequence: "sensitive information" vulnerabilities.vulnerability.descriptionShow assets with the vulnerability description you're looking for. Use backticks for exact match.. [string - smart search] vulnerabilities.vulnerability.description: `remote code execution` vulnerabilities.vulnerability.solutionShow assets with the vulnerability solution description you're looking for. Use backticks for exact match. [string - smart search] vulnerabilities.vulnerability.solution: "Security Bulletin MS10-006" |
Vulnerability - Detection Info vulnerabilities.vulnerability.discoveryTypesShow assets with the vulnerability type you're interested in (e.g. Remote or Authenticated). [string - exact match] vulnerabilities.vulnerability.discoveryTypes: Remote vulnerabilities.vulnerability.authTypesShow assets with the authentication type required to detect the vulnerability by name (e.g. WINDOWS_AUTH, UNIX_AUTH, ORACLE_AUTH, etc). Select the name from the drop-down menu. [string - selectable field] vulnerabilities.vulnerability.authTypes: "WINDOWS_AUTH" vulnerabilities.vulnerability.osShow assets with vulnerabilities detected on the operating system you're interested in. Use backticks for exact match. [string - full text search] vulnerabilities.vulnerability.os: windows |
Vulnerability - Exploitability vulnerabilities.vulnerability.exploitabilityShow assets with vulnerabilities associated with some known exploit description. Use backticks for exact match. [string - full text search] vulnerabilities.vulnerability.exploitability: `GIF Parser Heap` |
vulnerabilities.vulnerability.flagsShow assets with the Qualys defined vulnerability property you're interested in. [string - exact match] Discovery method (type) flag: REMOTE Authentication type flags: WINDOWS_AUTH, UNIX_AUTH, ORACLE_AUTH, SNMP_AUTH, VMWARE_AUTH, DB2_AUTH, HTTP_BASIC_AUTH, FORM_AUTH Vulnerability type flags: PCI_RELATED, VULNERABILITY (for potential vulnerability type), DANGEROUS (exploitive type, can take down services, crash systems, etc.), NAC_NAM_RELATED vulnerabilities.vulnerability.flags: PCI_RELATED vulnerabilities.vulnerability.listsShow assets with vulnerabilities in the list you're interested in, such as SANS_20, QUALYS_20, QUALYS_INT_10 (internal vulnerabilities), and QUALYS_EXT_10 (external vulnerabilities). [string - exact match] vulnerabilities.vulnerability.lists: SANS_20 vulnerabilities.vulnerability.sans20CategoriesShow assets with vulnerabilities that belong to one of the SANS top 20 vulnerability category of interest. [string - exact match] SANS 20 categories are: Anti-virus Software, Backup Software, Database Software, Email Clients, Excessive User Rights and Unauthorized Devices, Instant Messaging, Management Servers, Media Players, Office Software, Peer-to-Peer Programs, Phishing/Spear Phishing, Unencrypted Laptops and Removable Media, Unix and Mac OS Services, VoIP Servers and Phones, Web Applications, Web Browsers, Windows Services vulnerabilities.vulnerability.sans20Categories: "Media Players" |
vulnerabilities.vulnerability.patchAvailableShow assets with a patch is available (true) or not available (false). [boolean] vulnerabilities.vulnerability.patchAvailable: true vulnerabilities.vulnerability.patchesShow assets with a vulnerability that has a certain patch QID available. [integer] vulnerabilities.vulnerability.patches: 90753 |
vulnerabilities.vulnerability.bugTraqIdsShow assets with vulnerabilities assigned the BugTraq number you're interested in. [string - exact match] vulnerabilities.vulnerability.bugTraqIds: 22211 vulnerabilities.vulnerability.cveIdsShow assets with vulnerabilities assigned the CVE name you're interested in. [string - exact match] vulnerabilities.vulnerability.cveIds: CVE-2015-0313 vulnerabilities.vulnerability.vendorRefsShow assets with vulnerabilities assigned the vendor reference you're interested in. [string - exact match] vulnerabilities.vulnerability.vendorRefs: KB3021953 |
vulnerabilities.vulnerability.compliance.typeShow assets with vulnerabilities associated with the compliance type name you're interested in (e.g.COBIT, HIPAA, GLBA, SOX). Select the name from the drop-down menu. [string - selectable field] vulnerabilities.vulnerability.compliance.type: "HIPAA" vulnerabilities.vulnerability.compliance.sectionShow assets with vulnerabilities associated with the compliance section you're interested in. Use backticks for exact match. [string - full text search] vulnerabilities.vulnerability.compliance.section: 164.308 vulnerabilities.vulnerability.compliance.descriptionShow assets with vulnerabilities associated with the compliance policy or regulation you're interested in. [string - full text search] vulnerabilities.vulnerability.compliance.description: "malicious software" |