From the Query Center you can manage and view the results of all simple and complex queries created from the Query Builder. The Query Center displays information about the query including the query parameters and allows you to adjust and rerun queries as needed.
The following table describes the fields that are available for each query in alphabetical order.
Note
Certain fields are exposed and hidden by default. An asterisks (*) is beside every field that is exposed by default.
Field | Description |
---|---|
BQL | Displays whether the query was created by the native search. Native search has been deprecated, this field allows you to view data for queries performed prior. |
COMPUTE UNIT USAGE | Displays how many query units were used to execute the API query and Cold Storage query. |
CREATED BY * | User who created or scheduled the query. |
DURATION (SEC) | Displays the number of seconds it took to execute the query. |
EXECUTION ID | Unique identifier of Cortex Query Language (XQL) queries in the tenant. The identifier id generated for queries executed in Cortex XDR and XQL query API. |
NUM OF RESULTS* | Number of results returned by the query. |
PUBLIC API | Displays whether the source executing the query was XQL query API. |
QUERY DESCRIPTION* | The query parameters used to run the query. |
QUERY ID | Unique identifier of the query. |
QUERY NAME* | For saved queries, the Query Name identifies the query specified by the administrator. For scheduled queries, the Query Name identifies the auto-generated name of the parent query. Scheduled queries also display an icon to the left of the name to indicate that the query is reoccurring. |
QUERY STATUS* | Status of the query:
|
RESULTS SAVED* | Yes or No. |
SIMULATED COMPUTE UNITS | Displays how many query units were used to execute the Hot Storage query. |
TENANT | List of tenants on which an XQL query were executed. |
TIMESTAMP* | Date and time the query was created. |
XQL | Displays whether the query was created by an XQL search. |