SPL
High Severity Vulnerabilities - Qualys
Description
The following Splunk query will show the percentage of high severity vulnerabilities within the Qualys Sourcetype:
0 0
eventtype="qualys_vm_detection_event" |eval Success= if(SEVERITY >3,1,0)|stats count as total sum(Success) as success|eval Per_high=(success/total)*100I take no credit for this. These queries were discovered on Tarun Kumar's blog.
Comments
0 total
Be the first to comment on this SPL.
Leave a comment
You must log in to post a comment.