Cloud Services

Compliance and Security Operations

Query engine
Published On Jun 04, 2024 - 8:44 AM

Query engine

The Query engine helps to report compliance and security vulnerabilities within a specified time frame.
Kyndryl Modern Operations Applications - Compliance and Security Operations defaults to a dashboard containing a matrix of graphical elements displaying compliance and security posture data for an at-a-glance assessment of your hybrid IT estate (cloud and on prem resources). Complementing this quick assessment dashboard is a query feature that reports vulnerabilities with a specified time frame.
This query feature enables long term assessment in the form of tabular data that is more easily quantifiable and actionable than its graphical counterparts.

Navigating to the Query engine

Below the main Compliance and Security Operations main menu, are three options:
  • Dashboard (default): Provides various displays
  • Query Builder (search)
  • Configuration: Provides links to data collection engine for detailed data analysis.
Select Query Builder.

Query engine search options

The Query engine has three search classes:
  • By Contexts
    : All vulnerabilities within the specified time frame:
    • Last 1 day
    • Last 7 days
    • Last 15 days
    • Last 30 days (default)
    • Custom: specify a calendar date range
  • By Top affected:
     Resources containing the greatest number of vulnerabilities in descending order:
    • Result set number
    • Date range
      • Last 1 day
      • Last 7 days
      • Last 15 days
      • Last 30 days (default)
      • Custom: specify a calendar date range
  • By Common Vulnerability:
     Two or more resources with the same vulnerability type:
    • Context such as Asset Name or Cloud Provider
    • Context Value such as GCP or AWS
    • Date range:
      • Last 1 day
      • Last 7 days
      • Last 15 days
      • Last 30 days (default)
      • Custom: specify a calendar dare range

Procedures

For
By Contexts
 searches, use the following procedure:
  1. Select the
    With-in the Time Range
    .
  2. Option: Click the
    Context +
     button located next to the
    Search
     button to display the query builder.
    1. Construct your query using the query builder.
    2. Click the
      - (delete)
       buttton located at the far right of the query builder to delete an entry.
  3. Click
    Search
    .
For
By Top Affected
 searches, use the following procedure:
  1. Select the
    Result set
     quantity (minimum 5).
  2. Select the
    With-in the Time Range
    .
  3. Click
    Search
    .
For
By Common Vulnerability
 searches, use the following procedure:
  1. Select
    Context
    .
  2. Select
    Context Value
    .
  3. Select
    With-in the Time Range
    .
  4. Click
    Search
    .
Use the
Edit
 button to modify your search, or the
New Search
 button to start again.
Do you have two minutes for a quick survey?
Take Survey