Skip to main content

Simple Finding Queries

The following examples demonstrate simple Brinqa Query Language (BQL) queries for retrieving findings, vulnerabilities, and any related models. These queries typically include a single condition, such as a status, severity level, or risk score. You can use the same syntax on other target data models and attributes.

Which findings have an exception request?

FIND Finding AS f
THAT REQUESTED ExceptionRequest

Which findings were discovered in the last 7 days?

FIND Finding AS f
WHERE f.firstFound IN LAST 7 Days

Which findings are due in the next 14 days?

FIND Finding AS f
WHERE f.dueDate IN NEXT 14 Days

Which findings have a specific severity?

FIND Finding AS f
WHERE f.severity = "High"

Which findings have a range of severities?

FIND Finding AS f
WHERE f.severity CONTAINS ANY ["Medium", "High", "Critical"]

Which findings have a specific status?

FIND Finding AS f
WHERE f.status = "Confirmed fixed"
FIND Finding AS f
WHERE f.status IN ["Confirmed active", "False positive"]

Which findings have a risk score greater than 8?

FIND Finding AS f
WHERE f.riskScore > 8
FIND FindingDefinition AS fd
WHERE fd.category CONTAINS ANY ["Malware", "malware"]

Which finding definitions are from a specific integration?

FIND FindingDefinition AS fd
WHERE fd.dataIntegrationTitles CONTAINS "Qualys"

Which vulnerabilities were updated after a specific date?

FIND Vulnerability AS v
WHERE v.lastUpdated SINCE 2025-04-01

Which vulnerabilities are older than 30 days?

FIND Vulnerability AS v
WHERE v.ageInDays > 30
FIND FindingDefinition AS fd
WHERE fd.cveIds CONTAINS "2022"
FIND FindingDefinition AS fd
WHERE fd.cveIds IN ["CVE-2022-21299", "CVE-2022-21299"]
Last updated on