Displays whether the query was created by the native search.
Native search has been deprecated, this field allows you to view data for queries performed prior.
User who created or scheduled the query.
Unique identifier of XQL queries in the tenant. The identifier id generated for queries executed in the Cortex XDR app and XQL query API.
NUM OF RESULTS
Number of results returned by the query.
Displayed whether the source executing the query was XQL query API.
The query parameters used to run the query.
Unique identifier of the query.
For saved queries, the
Query Nameidentifies the query specified by the administrator. For scheduled queries, the
Query Nameidentifies the auto-generated name of the parent query. Scheduled queries also display an icon to the left of the name to indicate that the query is reoccurring.
Status of the query:
Yes or No.
List of tenants on which an XQL query were executed.
Date and time the query was created.
Displays whether the query was created by the an XQL search.