Get started with XQL queries - Learn more about some important information before getting started with XQL queries. - Administrator Guide

Get started with XQL queries - Learn more about some important information before getting started with XQL queries. - Administrator Guide - Cortex CLOUD

Cortex Cloud Posture Management Documentation

Product

Cortex Cloud Application Security > Cortex CLOUD

License

Cloud Posture Management

Creation date

2025-01-22

Last date published

2026-06-10

Category

Administrator Guide

Abstract

Learn more about some important information before getting started with XQL queries.

Before you begin running XQL queries, consider the following information:

Use the interface to help you build queries
Cortex Cloud offers features in the XQL search interface to help you build queries. For more information, see Useful XQL user interface features.
Understand query defaults and limitations
Before you run a query, review this list to better understand query behavior and results. For more information, see Expected results when querying fields.
Translate Splunk queries to XQL
If you have existing Splunk queries, you can translate them to XQL. For more information, see Translate to XQL.