Learn more about how to get started before building a Graph Search query.
Prerequisite
Graph Search requires View or View/Edit RBAC permissions for Graph Search under → .
Before you start to search assets and findings by their relationships by building Graph Search queries, consider the following:
Understand your assets and findings data: Graph Search queries are based on the current data that has been collected for assets and findings from the data sources configured and then sent to the Unified Asset Inventory (UAI), which is displayed in the All Assets page ( → → ). The built-in query interface enables you to filter the parameter values by selecting the relevant data from your assets and findings. Ensure to familiarize yourself with this data to build your queries.
For more information on assets, see All assets.
For more information on findings, see Findings and events.
Learn more about the query structure using the built-in interface: Although the Graph Search queries are built using a built-in interface, you should understand the query structure to ensure that you build the queries correctly. For more information, see How to build Graph Search queries?.
Understand the Graph Search query results: Once your query is complete, you can search for the results. The results can be viewed in a graph or table format. For more information, Understand Graph Search query results.
Try out some examples: To help you feel confident with building Graph Search queries, start by following our step-by-step examples and tailor them for your environment. For more information, see Graph Search examples.
Learn more about the Graph Search Query Library and run the built-in queries: Graph Search contains a Query Library for saving and managing your own queries, queries shared with you, and built-in Graph Search queries provided by Palo Alto Networks. We recommend that you run these built-in queries as these examples provide common, important, and popular use cases. For more information, see Manage the Graph Search Query Library.