Updated on 2024-11-06 GMT+08:00

Quick Query

Scenario

Quick Query is a function of SecMaster that provides saved query and analysis operations. You can save a common query and analysis statement as a quick query statement for future use.

This topic describes how to create a quick query.

Prerequisites

Indexes have been configured. For details, see Configuring Indexes.

Creating a Quick Query

  1. Log in to the management console.
  2. Click in the upper left corner of the management console and select a region or project.
  3. Click in the upper left corner of the page and choose Security & Compliance > SecMaster.
  4. In the navigation pane on the left, choose Workspaces > Management. In the workspace list, click the name of the target workspace.

    Figure 1 Workspace management page

  5. In the navigation pane on the left, choose Threat Operations > Security Analysis. The security analysis page is displayed.

    Figure 2 Accessing the Security Analysis tab page

  6. In the data space navigation tree on the left, click a data space name to show the pipeline list. Click a pipeline name. On the displayed page, you can search the pipeline data.

    Figure 3 Pipeline data page

  7. Enter the query and analysis statement, set the time range, and click Query/Analyze.

    For details, see Querying and Analyzing Data.

  8. Click Save as Quick Query in the upper right corner of the area, configure query parameters on the right, and click OK.

    Table 1 Parameters for a quick query

    Parameter

    Description

    Query Name

    Set the name of the quick query.

    Query statement

    The system automatically generates the query statement entered in 7.

  9. Click OK.

    After creating a quick query, you can click in the quick query search box on the pipeline data query and analysis page and select the target quick query name to use the quick query.