v1.0
Welcome
Welcome to Query!
Product Architecture
Security & Privacy
Search & Results
Getting Started
Search Progress and Results
Summary Insights (Federated Dashboards)
Searching in the Query UI
Administration
Team Management
Integrations
Amazon Athena (for Amazon S3)
Amazon CloudWatch Logs (for AWS WAFv2)
Amazon OpenSearch Service
Amazon Redshift
Amazon Redshift Serverless
Amazon Security Lake
AlienVault OTX
Armis Centrix
Auth0
Azure Log Analytics
CISA Known Exploited Vulnerabilities (KEV) Catalog
ClickHouse Cloud
Cribl Search
CrowdStrike Falcon API
CrowdStrike Falcon LogScale (Humio)
Cyera
Databricks
Datadog
Google BigQuery
Google Security Operations SIEM (Google Chronicle)
Gmail Messages API
Google Workspace - Directory API
Google Workspace - Reports API
ip-api (Geolocation API)
Jamf
Microsoft Entra ID (Azure AD)
Microsoft Defender for Endpoint
Microsoft Defender for Office 365
Microsoft Graph API - Security
Microsoft Intune
Microsoft Sentinel (Azure Sentinel)
MISP (Malware Information Sharing Project)
Okta
SentinelOne Singularity Platform
ServiceNow
Snowflake
Shodan
Splunk Enterprise & Cloud
Tégo
VirusTotal
VMware Carbon Black Cloud Enterprise EDR
WhoisXML API
Query APPS
Query Splunk App
Splunk App Setup and Administration
Running Federated Search from Splunk
Splunk App Quick Reference Guide
Query Chrome Extension
Query Data Model Reference
About the Query Data Model
Configure Schema
Event Categories
Events
Account Change
Admin Group Query
API Activity
Application Lifecycle
Authentication
Authorize Session
Base Event
Compliance Finding
Device Config State
Data Security Finding
Datastore Activity
Detection Finding
Device Config State Change
DHCP Activity
DNS Activity
Email Activity
Email Delivery Activity
Email File Activity
Email URL Activity
Entity Management
Event Log Activity
File System Activity
File Hosting Activity
File Query
File Remediation Activity
Folder Query
FTP Activity
Group Management
HTTP Activity
Incident Finding
Device Inventory Info
Job Query
Kernel Activity
Kernel Extension Activity
Kernel Object Query
Memory Activity
Module Activity
Module Query
Network Activity
Network Connection Query
Network File Activity
Network Remediation Activity
Networks Query
NTP Activity
OSINT Inventory Info
Operating System Patch State
Peripheral Device Query
Prefetch Query
Process Activity
Process Query
Process Remediation Activity
RDP Activity
Registry Key Activity
Registry Key Query
Registry Value Activity
Registry Value Query
Remediation Activity
Windows Resource Activity
Scan Activity
Scheduled Job Activity
Security Finding
Service Query
User Session Query
SMB Activity
Software Inventory Info
SSH Activity
Tunnel Activity
User Access Management
User Inventory Info
User Query
Vulnerability Finding
Web Resource Access Activity
Web Resources Activity
Windows Service Activity
Objects
Account
Actor
Affected Code
Affected Software Package
Agent
Analytic
API
MITRE ATT&CK®
Authentication Factor
Authorization Result
Autonomous System
Digital Certificate
CIS Benchmark
CIS Benchmark Result
CIS Control
CIS CSC
Cloud
Compliance
Container
CVE
CVSS Score
CWE
MITRE D3FEND™ Tactic
MITRE D3FEND™ Technique
MITRE D3FEND™
Data Classification
Data Security
Database
Databucket
DCE/RPC
Device
Device Hardware Info
Digital Signature
Display
DNS Answer
DNS Query
Domain Contact
Domain Information
Domain Threat Intelligence
Email
Email Authentication
Endpoint
Endpoint Connection
Enrichment
EPSS
Windows Evidence Artifacts
Schema Extension
Feature
File
File Threat Intelligence
Finding
Finding Information
Fingerprint
Firewall Rule
Group
HASSH
HTTP Cookie
HTTP Header
HTTP Request
HTTP Response
Identity Provider
Image
IP Threat Intelligence
JA4+ Fingerprint
Job
KB Article
Kernel Resource
Kernel Extension
Keyboard Information
Kill Chain Phase
LDAP Person
Load Balancer
Geo Location
Logger
Malware
Managed Entity
Metadata
Metric
Module
Network Connection Information
Network Endpoint
Network Interface
Network Proxy Endpoint
Network Traffic
Object
Observable
Organization
Operating System (OS)
OSINT
Software Package
Peripheral Device
Policy
Linux Process
Product
Query Information
Registry Key
Registry Value
Related Event
Related Findings
Remediation
Reputation
Request Elements
Resource
Resource Details
Response Elements
RPC Interface
Rule
Subject Alternative Name
Scan
Security State
Service
Session
MITRE ATT&CK® Sub Technique
Table
MITRE ATT&CK® Tactic
MITRE ATT&CK® Technique
Threat Intelligence
Ticket
Time Span
Transport Layer Security (TLS)
TLS Extension
Unmapped
Uniform Resource Locator
URL Threat Intelligence
User
Vulnerability Details
Web Resource
WHOIS
Windows Resource
Windows Service
Data Types