Searching vulnerability data

In IBM QRadar Vulnerability Manager, you can identify important vulnerabilities by searching your vulnerability data.

QRadar Vulnerability Manager provides various methods to search your data. You can search by network, by asset, by open service, or by vulnerability.

Default saved searches provide a fast method of identifying the risk to your organization. Saved searches are displayed in the Available Saved Searches field on the Vulnerability Manager Search page.

Before you begin

You must create a scan profile and scan your network assets.

Procedure

  1. Click the Vulnerabilities tab.
  2. In the navigation pane, click Manage Vulnerabilities.
  3. On the toolbar, select Search > New Search.
  4. If you want to load a saved search, do the following steps:
    1. Optional: Select a group from the Group list.
    2. Optional: In the Type Saved Search field, type the saved search that you want to load.
    3. From the Available Saved Searches list, select a saved search, and then click Load.
    4. Click Search.
  5. If you want to create a new search, do the following steps in the Search Parameters pane:
    1. In the first list, select the parameter that you want to use.
    2. In the second list, select a search modifier. The modifiers that are available depend on the search parameter that you select.
    3. In the third list, type or select the specific information that is related to your search parameter.
    4. Click Add Filter.

    For example, to email the vulnerabilities that are assigned to a technical user, select Technical Owner Contact and provide an email address that is configured on the Vulnerability Assignment page.

  6. Click Search.
  7. Optional: On the toolbar, click Save Search Criteria.
    Important: Vulnerability reports use saved search information. If you want to create a report that emails a technical user, you must save your search criteria.