AnsweredAssumed Answered

How to use compound filters in query

Question asked by Daniel Miller on Jun 29, 2017
Latest reply on Aug 2, 2017 by Tom Noorman

How to create compound query with linked filters?

 

I have the following Query:

(vulnerabilities.firstFound < now-30d and vulnerabilities.vulnerability.severity:5) 

 

Right now, It will show me an asset with the following data, because of machtes (in bold)

 

Sev 5 Vuln - found yesterday

Sev 4 Vuln - found 30+ days ago. 

 

How can I write the query to ONLY show Sev 5's that were found within that time frame. I'm not sure how to link the two criteria together or filter out other results, without eliminating good data.

 

If I say 'not vuln.vuln.sev:4' I will lose anything that has both a sev4 and sev5.

Outcomes