Example MongoDB queries
George Ehrhorn edited this page Jun 18, 2013 · 2 revisions
The hostname, ip, and tags for all systems that have an event in the "Denial of Service" family.
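```javascript
db.scans.find(
  // Filter: any element of the events array has this family
  { "events.family": "Denial of Service" },
  // Projection: return only these fields and suppress _id
  {
    _id: 0,
    hostname: 1,
    ip: 1,
    tags: 1
  }
)
```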
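All systems that have a high-severity (>= 3) event where there is a patch available.
```javascript
db.scans.find(
  {
    // At least one event with severity 3 or higher
    "events.severity": { $gte: 3 },
    // Skip documents where this field holds the string "false"
    "patch_publication_date": { $ne: "false" }
  },
  // Projection: return only ip and hostname
  {
    _id: 0,
    ip: 1,
    hostname: 1
  }
)
```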
All systems tagged with "web" and sorted by aggregate risk.
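```javascript
db.scans.find(
  // Filter: the tags array contains "web"
  { tags: { $in: ['web'] } },
  // Projection: return only these fields and suppress _id
  {
    _id: 0,
    ip: 1,
    hostname: 1,
    aggregate_cvss_score: 1
  }
).sort({ aggregate_cvss_score: -1 }) // highest aggregate score first
```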