Basic Search
This article details how to use plaintext search and the basic search filters in the Brinqa Platform to retrieve data.
Plaintext search
Plaintext search is a subset of the basic search functionality that focuses on searching text fields without requiring special syntax or formatting. This method is designed to let you enter search terms as you would in a typical search engine.
When you perform a plaintext search, the Brinqa Platform processes the input and searches for both exact matches and partial matches across all active, indexed, non-encrypted, non-reference-type attributes of a record. Plaintext search is also case-sensitive, so ensure that your search terms match the case of the text in the records for accurate results.
You can use plaintext search on any page in the Brinqa Platform that supports basic search filters, including the pages under Inventory, Findings, or Remediation.
For example, to use plaintext search to find all findings associated with AWS, follow these steps:
-
Navigate to Findings > All findings.
-
Click the icon to the left of the search area, and then select Basic.
-
Type the text in the search bar. For example, to find all findings associated with AWS, type "AWS".
-
Press Enter or Return on your keyboard to run the search.
The list view refreshes and only displays findings with "AWS" in any of the related text fields:
Since plaintext search is case-sensitive, if you type "aws" instead of "AWS", you get different results:
To make the most out of the plaintext search functionality, consider the following best practices and tips:
-
Use specific terms: To narrow down search results, use specific keywords or phrases relevant to the information you are seeking.
-
Check spelling and case: Ensure correct spelling and case of search terms to improve the accuracy of results.
-
Use wildcards: Use wildcard characters to enhance search flexibility. For example, searching for "445*" will return any fields that start with "445", which can help in narrowing down to the specific attribute values you are looking for.
When searching for numeric values, the result contains records where the number appears in any indexed field, not necessarily the specific one you have in mind. For example, if you try to search for any record that has "445" as a port number, the results may contain records whose port number isn't "445". This is because other attributes, such as UID, may contain "445" as well.
Filter search
You can use the basic search function on any page in the Brinqa Platform that supports basic search filters, including the pages under Inventory, Findings, or Remediation. For example, the following screenshot displays what the filters may look like on your Findings page:
While the default attribute filters vary by page, you can add more filters to your basic search by clicking More and selecting the attribute filters you want to display.
To use the basic search filters to find all critical findings from specific integration sources in your data, follow these steps:
-
Navigate to Findings > All findings.
-
Click the icon to the left of the search area, and then select Basic.
-
Click the Risk rating filter, select Critical, and then click Apply.
- If the Risk rating filter is not available, click More, locate and select Risk rating, and click Apply.
-
Click the Sources filter drop-down, select CONTAINS ANY, and then select the integration sources you want to retrieve critical findings from, such as Qualys Vulnerability Management (VM) and Snyk, and then click Apply.
The Sources filter is a multi-valued attribute filter, therefore you can select from multiple operators:
-
CONTAINS ANY
: Returns results if any of the selected values are present. -
NOT CONTAINS ANY
: Excludes results if any of the selected values are present. -
CONTAINS ALL
: Returns results only if all of the selected values are present. -
NOT CONTAINS ALL
: Excludes results if all of the selected values are present.
-
The list view updates automatically upon making a selection.
To view the Brinqa Query Language (BQL) equivalent of a basic search, click the icon to the left of the search area, and then select BQL after you run a basic search. For example, the following BQL query is equivalent to the basic search example:
FIND Finding AS f WHERE f.dataIntegrationTitles CONTAINS ANY ["Qualys VM", "Snyk"] AND f.riskRating = "Critical"
You can use this method to learn and get familiar with BQL.