I am working on the beta VM dashboard. I am setting up a dashboard for our Win Server team and would like to know how I can filter out the vulnerabilities that have an "Ignored" status.
The Widget is the stock widget "Vulnerabilities By Severity" and here are the Queries:
(vulnerabilities.typeDetected:Confirmed and vulnerabilities.vulnerability.severity:[2,3,4,5]) and vulnerabilities.vulnerability.severity:"2"
tags.name:`Windows Servers Agent`
I get all of the the Confirmed Sev 2 vulnerabilities, even the "Ignored" ones. I am looking for a way to exclude them from the widget. Is there a Status:Ignored or Status:Closed/Ignored?
This same behavior shows up on the Top 10 Vulnerabilities widget as well.