The AlienVault Agent Queries

Role Availability Read-Only Analyst   Manager

Edition: This feature is available in the Standard and Premium editions of USM Anywhere.

USM Anywhere enables you to run a user-initiated agent query. There are several ad-hoc queries, which are in your environment by default. These queries generate events which can be used for a forensic investigation, so you can focus on fast response and remediation.

Important: The Agent must be connected and sending events.

You can run queries from different parts of your environment: