Tasks
When viewing all tasks, you can use the keywords in this section to search and filter them.
Name
The Name field can be searched using the syntax name:<text>.
name:"test scan"
Description
The Description field can be searched using the syntax description:<text>
description:"full scan"
Created by
The Created By field can be searched using the syntax created_by:<term>.
created_by:"admin"
Type
The task type can be searched using type:<text>.
type:scan
Status
The task status can be searched using status:<text>.
status:error
Error
The task error message can be searched using error:<text>.
error:"no disk space"
Recurrence frequency
The frequency tasks recur at (the “Freq” column) can be searched using recur_frequency:<text> or freq:<text>. The
term recurring:<boolean> or recur:<boolean> can be used to search based on whether tasks recur at all.
recur_frequency:hourly
freq:daily
freq:continuous
recur:true
To search for tasks with a frequency of Nth Weekday of Month, you can use (for example) freq:nth_weekday,2 freq:monday to find tasks which repeat on the second monday of each month.
Timestamps (created at, updated at)
The timestamp fields, created_at and updated_at, can be searched using the syntax created_at:<term> and updated_at:<term>. The term supports the standard runZero [time comparison syntax][time].
created_at:>2weeks
created_at:<30minutes
updated_at:>1month
updated_at:2hours
Next/last run time
You can search by next recurrence and last recurrence using the terms recur_last:<term> and recur_next:<term>. The term supports the standard runZero [time comparison syntax][time].
recur_last:<2hours
recur_next:>1day
Start time
You can search by start time using the syntax start_time:<term>. The term supports the standard runZero [time comparison syntax][time].
start_time:<2hour
Grace period
The grace period can be searched using the syntax grace_period:<term> or just grace:<term>. The term supports the standard runZero [time comparison syntax][time].
grace:<2hour
Site name or ID
Use the syntax site:<term> to filter by site name or ID.
site:Primary
site:"Branch Office"
site:ad67d649-041b-439d-af59-f200053a8899
Template ID
Use the syntax template_id:<term> to filter by scan template ID.
template_id:de657459-041b-439d-af59-ff1f153a7722
Source
The data source for tasks can be searched using the term source:<text> or source_id:<number>.
source:censys
Sources are:
| ID | Name | Description |
|---|---|---|
| 1 | runzero |
runZero |
| 2 | miradore |
Miradore |
| 3 | aws |
Amazon Web Services |
| 4 | crowdstrike |
CrowdStrike |
| 5 | azure |
Microsoft Azure |
| 6 | censys |
Censys |
| 7 | vmware |
VMWare |
| 8 | gcp |
Google Cloud Platform |
| 9 | sentinelone |
SentinelOne |
| 10 | tenable |
Tenable.io & Nessus |
| 12 | rapid7 |
Rapid7 Nexpose & InsightVM |
| 14 | qualys |
Qualys VMDR |
| 15 | shodan |
Shodan |
| 16 | azuread |
Azure AD |
| 17 | ldap |
Active Directory (LDAP) |
| 18 | ms365defender |
Microsoft 365 Defender |
| 19 | intune |
Microsoft Intune |
| 20 | googleworkspace |
Google Workspace |
| 21 | sample |
runZero traffic sampling |
| 22 | tenablesecuritycenter |
Tenable Security Center |
| 23 | packet |
runZero packet capture import |
| 24 | wiz |
Wiz |
Credential ID
You can search for tasks that use a specific set of credentials using credential_id:<id>.
credential_id:d7931a68-6e56-11ec-ad72-f875a414a63a
Parameters
Tasks can be searched for task parameters using params:<text>.
This can be useful for searching for scan tasks that had specific probes enabled.
params:bacnet
Asset counts
Completed tasks can be searched by the asset counts found in their results. The available search terms are:
- New assets:
assets_new:<number> - Assets back online:
assets_back_online:<number> - Assets marked offline:
assets_marked_offline:<number> - Assets changed:
assets_changed:<number> - Assets unchanged:
assets_unchanged:<number> - Assets ignored:
assets_ignored:<number> - Assets updated:
assets_updated:<number>
These terms support numerical comparison operators (>, >=, <, <=, =).
assets_new:>0
assets_unchanged:>=1