You can combine different terms to create complex searches.
The table lists examples of searches combining different terms and techniques.
|Find alerts seen in the last 2 days that are related to GDPR policy checks.|| |
|Find hosts that were started in the last 3 days, are not part of an auto scaling group, and have a public interface.|| |
|Find public, unencrypted S3 buckets created in the last year.|| |
|Find S3 buckets created in the last 6 months, by aws-pcg in the us-west-2 region.|| |
|Find over-privileged IAM users created over a month ago that have been inactive.|| |
|Find security groups that allow inbound traffic from any port and from any IP address.|| |
|Find hosts with outbound traffic to specific IP addresses and ports.|| |
|Find hosts that have the Sophos server protection agent installed and whose agent reports bad security health.|| |