OctoXLabs CAASM Platform
  • Welcome to OctoXLabs Documentation Portal
  • Installation & System Requirements
  • Setting up OctoXLabs
    • Installing OctoXLabs
    • Updating OctoXLabs
    • Add SSL Certificate to OctoXLabs
  • Using OctoXLabs
    • Connect Adapters
    • Examine a Device Profile
    • Tag a Device
    • Save a Query
    • Create a Dashboard Chart
    • Generate a Report
  • ADAPTERS
    • Adapters
      • Addigy
      • A Cloud Guru
      • Admin by Request
      • Assure1 by Federos
      • Apache Cloudstack
      • Aruba ClearPass
      • Atera
      • Attivo Networks Decoy
      • Attivo Networks Endpoints
      • Automox
      • AWS Elastic Compute Cloud (EC2)
      • Beamsec PhishTrace
      • BigFix (formally IBM BigFix)
      • BigFix Inventory
      • Binalyze Air
      • Bit Defender
      • Bizzy
      • Blue Coat Proxy
      • BMC Client Management
      • BMC TrueSight Server Automation
      • Boldon James Classifier
      • Box
      • Broadcom Automic
      • Cisco Advanced Malware Protection (AMP)
      • Cisco Identity Services Engine (ISE)
      • Cisco Meraki
      • Cisco Umbrella
      • Claroty CTD
      • Collibra
      • Commvault (Beta)
      • CrowdStrike Falcon
      • CrowdStrike Falcon Discover
      • CrowdStrike Falcon IDP
      • CrowdStrike Falcon Spotlight
      • CSV File
      • CyberArk EPM
      • Cynet 360
      • Datadog
      • Delinea EPM
      • Delinea Secret Server
      • Device42
      • DHCP Server
      • Dynatrace
      • Entropi
      • Eset Connect
      • Eset Inspect
      • Eset Protect
      • F5 Waf Centralized Management
      • ForcePoint DLP
      • Forescout NAC
      • Fortify Data
      • Fortinet FortiClient EMS
      • Fortinet FortiSIEM
      • Fortinet FortiNAC
      • Gitlab
      • GLPI
      • Grafana
      • IBM Guardium
      • Harmony Endpoint Management (Beta)
      • HP Device Manager
      • Humio
      • IBM QRadar
      • Imperva Database Activity Monitoring (DAM)
      • Infoblox DDI
      • Ivanti Device Control
      • Jamf Pro
      • Jira Assets
      • JSON File
      • Kandji
      • Kaspersky SC
      • Keepnet Labs
      • Karmasis Dataskope
      • KnowBe4
      • Lansweeper
      • Manage Engine Asset Explorer
      • ManageEngine Desktop Central
      • ManageEngine MDM
      • ManageEngine OP Manager
      • Manage Engine Service Desk Plus
      • McAfee ePolicy Orchestrator (EPO)
      • Microsoft AIP
      • Microsoft Active Directory (AD)
      • Microsoft Azure
      • Microsoft Azure Entra
      • Microsoft BitLocker Administration and Monitoring (MBAM)-(SCCM)
      • Microsoft Defender For Endpoint (ATP)
      • Microsoft Defender for IoT (formerly CyberX)
      • Microsoft Intune
      • Microsoft System Center Configuration Manager (SCCM)
      • Microsoft System Center Operations Manager (Scom)
      • Microsoft Windows Server Update Services (WSUS)
      • NetBox
      • Netskope
      • Nutanix Prism
      • ObserveIT
      • Opal
      • Openshift
      • OpenText UCMDB (formerly Microfocus UCMDB)
      • OpenVAS DB
      • Opsgenie
      • Oracle DB
      • Oracle Enterprise Manager
      • Oracle Weblogic Server
      • Palo Alto Cortex XDR
      • PDQ Adapter
      • Postgre SQL Server
      • Prey
      • Prisma Cloud (formerly Twistlock)
      • PRTG Network Monitor (Beta)
      • Qualys Cloud Platform
      • Redhat Automation Controller Beta (formerly Ansible Tower)
      • Rapid7 Nexpose
      • Red Hat Satellite
      • RSA Archer
      • RSA Archer CSV
      • ScopNet NAC
      • SecFusion
      • SecFusion API
      • Sentinel One EDR
      • Servicenow CMDB
      • Skybox
      • Slack
      • Snow Commander
      • SolarWinds Orion
      • Sophos Central
      • Sophos Endpoint Protection
      • Splunk Enterprise Security
      • Suse Manager
      • SQL Server
      • Symantec Data Critical System Protection (CSP)
      • Symantec Data Center Security (DCS)
      • Symantec Data Loss Prevention (DLP)
      • Symantec Endpoint Detection and Response (EDR)
      • Symantec Endpoint Protection
      • Symantec Endpoint Security (SES)
      • SQL Server
      • Tenable Nessus
      • Teramind
      • Tenable Nessus Sensors
      • Tenable.io
      • Tenable.sc (Security Center)
      • Titus
      • Trellix XDR Platform (formerly FireEye HX)
      • Trend Micro Apex One
      • Trend Micro Deep Security
      • Trend Micro Vision One
      • Vectra AI
      • Veritas NetBackup
      • VMware Carbon Black
      • Vmware ESXI
      • VMware MDM AirWatch
      • VMware vCenter
      • Vultr
      • Wazuh
      • XLSX File
      • Zabbix
  • Action Center
    • Create Request
      • Jira Notification
      • Service Desk Notification
    • Notify
      • Send Mail
      • Send Slack Notification
      • Teams Notification
      • Webhook Notification
  • Octo API
  • Release Notes
    • OctoXLabs 5.x
      • Release Notes - v5.2.0
      • Release Notes - v5.1.0
      • Release Notes - v5.0.0
    • Previous Releases
      • OctoXLabs 4.x
        • Release Notes - v4.5.0
        • Release Notes - v4.4.0
        • Release Notes - v4.3.1
        • Release Notes - v4.3.0
        • Release Notes - v4.2.0
        • Release Notes - v4.1.1
        • Release Notes - v4.1.0
        • Release Notes - v4.0.0
        • Release Notes - v4.0.1
      • OctoXLabs 3.x
        • Release Notes - v3.3.0
        • Release Notes - v3.2.0
        • Release Notes - v3.1.0
        • Release Notes - v3.0.0
      • OctoXLabs 2.x
        • Release Notes - v2.6.0
        • Release Notes - v2.5.1
        • Release Notes - v2.5.0
        • Release Notes - v2.4.0
        • Release Notes - v2.2.1
Powered by GitBook
On this page
  • Create and Save a Query
  • Modify an Existing Query

Was this helpful?

  1. Using OctoXLabs

Save a Query

You can identify security gaps by running and saving a query about your assets.

PreviousTag a DeviceNextCreate a Dashboard Chart

Last updated 3 months ago

Was this helpful?

OctoXLabs supports a variety of asset management use cases, that can be implemented by running the right query. Read about some common use cases are described in the OctoXLabs documentation site, under the Using OctoXLabs category in the Use Cases subcategory.

Use the navigation tree and the search bar to explore the various use cases, that include, but are not limited to:

  • Finding Endpoints Missing Agents

  • Finding Endpoint Agents Not Functioning Correctly

  • Finding Devices Not Being Scanned For Vulnerabilities

  • Discovering Cloud Instances Not Being Scanned For Vulnerabilities

  • Finding Unmanaged Devices

  • Finding Rogue Devices On Privileged Networks

Create and Save a Query

To create and run your own query:

  1. From the Devices page, click Query Wizard on the top right corner above the Devices table.

  2. The popup opens enables you to add filtering expressions upon different properties of devices. You can create multiple filter expressions and decide on the logical operators between them to create complex filtering conditions.

  3. For example, the expression below filters all devices which Windows is their operating system (OS Type) and such devices were seen in OctoXLabs in the last 7 days:

  1. The Query Wizard consists of following elements which requires the user input to create a filter expression:

  • AND/OR switch

  • NOT Flag

  • Source drop-down

  • Field drop-down

  • Operator drop-down

  • Value field

  • Bracket control

  1. To run the query, click Search. To learn more about the Query Wizard and advanced querying, see Creating Queries with the Query Wizard.

  2. To change the displayed columns, click Edit Columns on the right side of the page just above the table.

  1. Pick any field from any adapter by selecting it on the top left selection. You can also narrow down the list of properties by typing into the search bar.

Click Reset Columns to reset the Devices page to its default column view. Click on Clear to

  1. To save a new unsaved query, click Save As next to the query name. The Save as dialog opens, and you can set a name for the new saved query.

To learn more about working with saved queries, see Queries.

Modify an Existing Query

To modify a saved query:

  1. Click Saved Queries on the top of search bar.

  2. The Saved Queries page opens, displaying all the saved queries.

  1. Search for a query and click its record to review its details.

  1. Click Run Query to execute it.

Use the Query Wizard to change the query expressions or click Edit Columns to edit the query table columns. You can also:

  • Rename a saved query by a single click on the query name.

  • Save - Update the saved query you are working on.

  • Copy - Save the query results as a new saved query.

Click Cancel to undo any changes made on the saved query you are working on and reload the saved query.

To learn more about working with saved queries, see Queries.

To learn more about the Query Wizard elements and advanced querying, see Creating Queries with the Query Wizard.