Welcome to Dashboard Toolbox - Improving Dashboard Performance through Query Formatting and Filters.
Here we will begin to collaboratively and constructively collect a list of query format choices that will help to improve the performance of your dashboard(s). As new recommendations arise, they will be added to this page and to the scope of the technical publications when the dashboards move to GA.
dashboard_toolbox dashboard_howto vmdb_beta
Maximum Character Limits (including alphanumeric, special characters and spaces)
- Query Tokens: 256 characters
- Query String: 4096 characters
New VM Dashboard BETA Annotations, Suggestions and Recommendations
1. New Sep 25, 2019 DON'T MIX YOUR QUERY TOKENS: When you are working on a dashboard that contains more than one data source query box as indicated by the plus sign on the right of the query search box, make absolutely certain you only include the tokens applicable to the data source indicated on the left of the query search box.
- In the image below, the data sources is the vulnerability index, you will only want to enter vulnerability detection tokens here. The interface will only provide autocomplete options for tokens that are valid for the query search box you are in. In other words, do not enter asset tokens in this box, and vice-versa. If you copy/paste an asset token into the Vulnerability query search or a vulnerability detection token in the Asset query search, you may receive invalid results.
2. Updated Sep 25, 2019 When working in the new dashboard, one needs to stipulate which vulnerabilities.status:[NEW, ACTIVE, REOPENED, FIXED] you want to see.
- Enhancements were implemented adding global exclude filters. So you need to be careful.
When you apply the status token, you need to UNCHECK the FIXED filter...
- When you apply the global exclude filter EXCLUDE FIXED, to only display open (NEW, ACTIVE, and REOPENED) detections, you should OMIT the status token in the widget or query.
If you attempt to use the token and the filter together, bad Ju-Ju happens, it's better to pick your poison!
3. When working in the new dashboard, nesting within a query is only required for ASSET, not for VULNERABILITY.
4. It's important to frequently review this page through-out the beta for the best way to format your queries: Dashboard Toolbox - Improving Dashboard Performance through Query Formatting
Query Operators
Brackets and Parenthesis | Greater Than Greater Than or Equal | Less Than Less Than or Equal |
---|---|---|
token:[5 .. 10] returns 5,6,7,8,9,10
token:(5 .. 10] returns,6,7,8,9, 10 | token > 5 returns 6+ token >= 5 returns 5+ | token < 5 returns 0 thru 4 token <= 5 returns 0 thru 5 |
(NO) QUOTATION MARKS New | Grave Accent (`) for Exact Match New |
|
Finding Related Items - No Quotations Marks: token:xxxxxxxx
Contains - Double Quotes: token:"xxxxxxxx" |
token:`xxxxxx` |
Recommended Query Formatting for Performance
Please feel free to comment, ask questions, and make suggestions for content below. DMFezzaReed will review and acknowledge both a minimum of once each week.
Back to Dashboard Toolbox - New Vulnerability Management (VM) Dashboard BETA