USM Anywhere™

Searching Vulnerabilities

Role Availability Read-Only Analyst Manager

USM Anywhere includes several filters displayed by default. These filters enable you to search for your items of interest. You can either filter your search, or enter what you are looking for in the search field, which is in the lower-left corner of the page.

You can configure more filters and change which filters display by clicking the Configure filters link, which is located in the upper-left corner of the page. The management of filters is similar to that for assets. See Managing Filters for more information.

You can see the filters displayed by default in the main Vulnerabilities page in the following table.

Filters Displayed by Default in the Main Vulnerabilities Page
Filter Name Meaning
Last 24 Hours Filter vulnerabilities triggered in the last hour, last 24 hours, last 7 days, last 30 days or last 90 days. You can also configure your own period of time by clicking the Custom Range option. This option enables you to customize a range. When you click the icon, a calendar opens. You can choose the first and last day to delimit your search by clicking the days on the calendar or entering the days directly. Then select the hours, minutes, and seconds by clicking the specific box. Finally, select AM or PM..
Active/Inactive Filter vulnerabilities by the active or inactive vulnerabilities. See About Active and Inactive Vulnerabilities.
Labels Filter vulnerabilities by the labels applied to the vulnerabilityA known issue or weakness in a system, procedure, internal control, software package, or hardware that could be used to compromise security.. See Labeling the Vulnerabilities for more information.
Vulnerability Name Filter vulnerabilities by name of the vulnerability.
Severity Filter vulnerabilities by severity of the vulnerability. Values are High, Medium, and Low, see About Vulnerability Severity.
Asset Filter vulnerabilities of the assetAn IP-addressable host, including but not limited to network devices, virtual servers, and physical servers. that is vulnerable.
Asset Groups This is the asset groupAsset groups are administratively created objects that group similar assets for specific purposes. that has vulnerable asset. The number between parentheses indicates the number of assets in the asset group.

The number between brackets displayed by each filter indicates the number of items that matches the filter. You can also use the filter controls to provide a method of organizing your search and filtered results. These are the icons next to each filter title:

Icons Next to the Filter Title
Sort the filters alphabetically.
Sort the filters by the number of items that matches them.

In the upper-left side of the page, you can see any filters you have applied. Remove filters by clicking the icon next to the filter. Or clear all filters by clicking Reset.

Selected Filters on the Vulnerabilities Main Page

Note: When applying filters, the search uses the logical AND operator if the used filters are different. However, when the filter is of the same type, the search uses the logical OR operator.

Those filters that have more than ten options include a Filter Value search field for writing text and making the search easier.

Standard Mode

This mode enables you to select one value per filter at the same time, and then the search is automatically performed. This mode is ON by default.

To activate the Standard Mode when the Advanced Mode is ON

  1. Go to Environment > Vulnerabilities.
  2. In the upper-left corner of the page, click the icon.
  3. Note: If you exit the advanced mode and the selected filters are not compatible with the Standard Mode, a warning dialog box displays to inform you the current filters will be removed.

Advanced Mode

Advanced mode enables you to select more than one value per filter at the same time. This mode is off by default.

To activate the advanced mode

  1. Go to Environment > Vulnerabilities.
  2. In the upper-left corner of the page, click the icon to activate the advanced mode. This turns the icon green.

To perform a search in the advanced mode

  1. Go to Environment > Vulnerabilities.
  2. In the upper-left corner of the page, click the icon to activate the advanced mode.
  3. This turns the icon green.

  4. Click the filters that you want to select.

    The selected filters display inside a dashed rectangle.

    Selected Filters on the Advanced Search Mode

  5. In the lower-left corner of the page, click Apply Filters. Or in the upper side of the page, click Apply.
  6. The result of your search displays.

To search using the NOT operator

  1. Go to Environment > Vulnerabilities.
  2. In the upper-left corner of the page, click the icon to activate the advanced mode.
  3. Click the filter that you want to exclude.
  4. In the filter group, click Not.
  5. Important: This operator is not available when you have selected the title.

    Note: The selected filter displays this icon and the filter chiclet is labeled in red.

To search all values of a filter

  1. Go to Environment > Vulnerabilities.
  2. In the upper-left corner of the page, click the icon to activate the advanced mode.
  3. Select a filter title to select all filters below that title.

To search Vulnerabilities using the search field

  1. Go to Environment > Vulnerabilities .
  2. Enter your query in the search field.
  3. If you want to search for an exact phrase having two or more words, you need to put quotation marks around the words in the phrase. This includes email addresses (for example, "bob@mycompany.com").

    Note: Keep in mind that wildcard characters are considered as literals.

  4. Click the icon.

Vulnerabilities Search Field

The result of your search displays with the items identified.