SaaS Security
Use Advanced Search
Table of Contents
Use Advanced Search
Learn how to use advanced search on Data Security
to isolate specific assets.
In some cases, a faceted search will
not provide you enough detail to find high priority incidents. To
isolate important problems, use advanced search to:
- Match more than one rule.
- Ignore the assets that match rules but that are not important to you.
Advanced search provides the same filters
as a basic faceted search, but gives you more options to apply connectors
and operators. For example, if you have a company policy that considers
social security numbers, tax information numbers, and credit card
numbers to be sensitive data, you may need to search for all assets
that contain any of these numbers and notify the owners.
Before
you perform an advanced search, learn how to compose an expression.
- To show the assets, select .The fields policy.name, incident.category, email.sent, and assigned.to are:
- Applicable only when you perform an advanced search in the Data Assets page.
- Not applicable when you create a policy (using ).
- Type your expression in the search box.Your search expression is composed of a set of supported fields, operators, and values. Type an opening parenthesis to display syntax help. As you type, the autofill function displays existing values (policies, data patterns, etc), helping you build your query accurately and efficiently. For example, you can:
- Search by existing policy. For example, (policy.name)—Use this option to locate incidents that you want to remediate.
- Search by existing data patterns. For example, (data_pattern.name)—Use this option to retrieve a results set with the intention of building a policy. Click Create Policy to add the expression as match criteria in a new policy.
- (Optional) Export this data to a CSV file to view and sort the search results.
- (Optional) Take actions on the cloud assets that match your filtering criteria.
- Download File or View Snippet
- Learn about the supported remediation actions.
