Cortex XDR Query Center

Manage the results of queries and adjust and rerun them as needed.
From the
Query Center
you can manage and view the results of all simple and complex queries created from the
Query Builder
. The Query Center displays information about the query including the query parameters and allows you to adjust and rerun queries as needed.
query-center.png
The following table describes the fields that are available for each query in alphabetical order.
Field
Description
CREATED BY
User who created or scheduled the query.
NUM OF RESULTS
Number of results returned by the query.
QUERY DESCRIPTION
The query parameters used to run the query.
QUERY ID
Unique identifier of the query.
QUERY NAME
For saved queries, the
Query Name
identifies the query specified by the administrator. For scheduled queries, the
Query Name
identifies the auto-generated name of the parent query. Scheduled queries also display an icon to the left of the name to indicate that the query is reoccurring.
query-scheduled.png
QUERY STATUS
Status of the query:
  • Queued—The query is queued and will run when there is an available slot.
  • Running
  • Failed
  • Partially completed—The query was stopped after exceeding the maximum number of permitted results (10
    0
    ,000). To reduce the number of results returned, you can adjust the query settings and rerun.
  • Stopped—The query was stopped by an administrator.
  • Completed
  • Deleted—The query was pruned.
RESULTS SAVED
Yes or No.
TIMESTAMP
Date and time the query was created.

Recommended For You