From the Query Center you can manage and view the results of all simple and complex queries created from the Query Builder. The Query Center displays information about the query including the query parameters and allows you to adjust and rerun queries as needed.
The following table describes the fields that are available for each query in alphabetical order.
Certain fields are exposed and hidden by default. An asterisks (*) is beside every field that is exposed by default.
Displays whether the query was created by the native search.
Native search has been deprecated, this field allows you to view data for queries performed prior.
COMPUTE UNIT USAGE
Displays how many query units were used to execute the API query and Cold Storage query.
CREATED BY *
User who created or scheduled the query.
Displays the number of seconds it took to execute the query.
Unique identifier of Cortex Query Language (XQL) queries in the tenant. The identifier id generated for queries executed in Cortex XDR and XQL query API.
NUM OF RESULTS*
Number of results returned by the query.
Displays whether the source executing the query was XQL query API.
The query parameters used to run the query.
Unique identifier of the query.
For saved queries, the Query Name identifies the query specified by the administrator. For scheduled queries, the Query Name identifies the auto-generated name of the parent query. Scheduled queries also display an icon to the left of the name to indicate that the query is reoccurring.
Status of the query:
Yes or No.
SIMULATED COMPUTE UNITS
Displays how many query units were used to execute the Hot Storage query.
List of tenants on which an XQL query were executed.
Date and time the query was created.
Displays whether the query was created by an XQL search.