Save a Query
You can identify security gaps by running and saving a query about your assets.
Last updated
Was this helpful?
You can identify security gaps by running and saving a query about your assets.
Last updated
Was this helpful?
OctoXLabs supports a variety of asset management use cases, that can be implemented by running the right query. Read about some common use cases are described in the OctoXLabs documentation site, under the Using OctoXLabs category in the Use Cases subcategory.
Use the navigation tree and the search bar to explore the various use cases, that include, but are not limited to:
Finding Endpoints Missing Agents
Finding Endpoint Agents Not Functioning Correctly
Finding Devices Not Being Scanned For Vulnerabilities
Discovering Cloud Instances Not Being Scanned For Vulnerabilities
Finding Unmanaged Devices
Finding Rogue Devices On Privileged Networks
To create and run your own query:
From the Devices page, click Query Wizard on the top right corner above the Devices table.
The popup opens enables you to add filtering expressions upon different properties of devices. You can create multiple filter expressions and decide on the logical operators between them to create complex filtering conditions.
For example, the expression below filters all devices which Windows is their operating system (OS Type) and such devices were seen in OctoXLabs in the last 7 days:
The Query Wizard consists of following elements which requires the user input to create a filter expression:
AND/OR switch
NOT Flag
Source drop-down
Field drop-down
Operator drop-down
Value field
Bracket control
To run the query, click Search. To learn more about the Query Wizard and advanced querying, see Creating Queries with the Query Wizard.
To change the displayed columns, click Edit Columns on the right side of the page just above the table.
Pick any field from any adapter by selecting it on the top left selection. You can also narrow down the list of properties by typing into the search bar.
Click Reset Columns to reset the Devices page to its default column view. Click on Clear to
To save a new unsaved query, click Save As next to the query name. The Save as dialog opens, and you can set a name for the new saved query.
To learn more about working with saved queries, see Queries.
To modify a saved query:
Click Saved Queries on the top of search bar.
The Saved Queries page opens, displaying all the saved queries.
Search for a query and click its record to review its details.
Click Run Query to execute it.
Use the Query Wizard to change the query expressions or click Edit Columns to edit the query table columns. You can also:
Rename a saved query by a single click on the query name.
Save - Update the saved query you are working on.
Copy - Save the query results as a new saved query.
Click Cancel to undo any changes made on the saved query you are working on and reload the saved query.
To learn more about working with saved queries, see Queries.
To learn more about the Query Wizard elements and advanced querying, see Creating Queries with the Query Wizard.
