Skip to main content
All CollectionsSettings and AccountVulcan API
Magic Search (VMS) UI and API Reference Guide
Magic Search (VMS) UI and API Reference Guide
Updated over a week ago

About

This guide is a comprehensive reference for Magic Search parameters, operators, and input types available in both the UI and APIv2 of the Vulcan Cyber ExposureOS platform. It provides a detailed mapping of each parameter, highlighting their usage and variations between the two interfaces.

Legend

  • Fields in square brackets [X] are specific to the API.

  • Fields without brackets are UI-specific.

  • Operators are consistent between UI and API unless explicitly noted in brackets for API.

Magic Search Parameters and Operators (UI vs API)

Category

[category_name]

Parameter

[parameter_name]

Operators

[operator]

Input per operator

[value]

Vulnerability

[vulnerability]

Name

[name]

is, is not, contains, does not contain, in regex, not in regex

free text

[string]

Supported regex: Perl-Compatible Regular Expressions (PCRE). For example, ^\d{3}-\d{2}-\d{4}.

Vulnerability

[vulnerability]

Source

[vuln_source]

is, is not

Multi-select*

Array/list: [item1, item2, item3]

"value": ["source1", "source2", "source3"]

Vulnerability

[vulnerability]

CVE

[cve]

is, is not


contains, does not contain


is empty, is not empty

Multi-select*

Array/list: [item1, item2, item3]

"value": ["source1", "source2", "source"]


free text

[string]



Boolean

[null]

Vulnerability

[vulnerability]

CWE

[cwe]

is, is not, contains, does not contain


is empty, is not empty

free text

[string]


Boolean

[null]

Vulnerability

[vulnerability]

CVSS

[cvss]

is, is not, greater than, less than


is empty, is not empty

Numbers (0.0–10.0)
​"9.5"


Boolean

[null]

Vulnerability

[vulnerability]

EPSS

[epss]

is, is not, greater than, less than


is empty, is not empty

Percentage (0–100%)
90"


Boolean

[null]

Vulnerability

[vulnerability]

Fix Type

[has_fix]

is, is not


any fix, no fix

Multi-select*

Array/list: [item1, item2, item3]

"value": ["Fixtype1", "Fixtype2", "Fixtype3"]


Boolean

[null]

Vulnerability

[vulnerability]

Patchable

[is_patchable]

is true, is false

Boolean

[null]

Vulnerability

[vulnerability]

Publish Date

[publish_date]

between


before
after


before days

in the last
[in last]

Date range

["2024-11-11", "2024-11-20"]


Date
"2024-11-20"


Number (days)

"14"

Vulnerability

[vulnerability]

Last Seen

[last_seen]

between


before
after


in more than

before (days)
[before days]

in the last
[in last]

Date range

["2024-11-11", "2024-11-20"]


Date
"2024-11-20"


Number (days)

"14"

Vulnerability

[vulnerability]

First Seen

[first_seen]

between


before


after


in more than

before (days)
[before days]

in the last
[in last]

Date range

["2024-11-11", "2024-11-20"]


Date
"2024-11-20"


Number (days)

"14"

Vulnerability

[vulnerability]

Modified on

[modified on]

between


before


after


in more than

before (days)
[before days]

in the last
[in last]

in less than
[within]

Date range

["2024-11-11", "2024-11-20"]


Date
"2024-11-20"


Number (days)

"14"

Vulnerability

[vulnerability]

Fixed on

[fixed on]

between


before
after


before (days)
[before days]

in the last
[in last]

Date range

["2024-11-11", "2024-11-20"]


Date
"2024-11-20"


Number (days)

"14"

Vulnerability

[vulnerability]

Threats tag

[threats]

is, is not


contains, does not contain



is empty, is not empty

Multi-select*

Array/list: [item1, item2, item3]

"value": ["source1", "source2", "source3"]


free text

[string]


Boolean

[null]

Vulnerability

[vulnerability]

Maturity rank

[maturity_rank]

is, is not


is empty

Multi-select*

Array/list: [item1, item2, item3]

"value": ["source1", "source2", "source3"]


Boolean

[null]

Vulnerability

[vulnerability]

vulnerability tag

[vulnerability_tag]

is, is not


contains, does not contain


is empty, is not empty

Multi-select*

Array/list: [item1, item2, item3]

"value": ["source1", "source2", "source3"]


free text

[string]


Boolean

[null]

Vulnerability

[vulnerability]

Affected Package

[affected_package]

is, is not, contains, does not contain

free text

[string]

Vulnerability

[vulnerability]

Asset count

[assets_count]

is, is not, greater than, less than

Number

Vulnerability

[vulnerability]

Affected vendor

[vendor]

is, is not



contains, does not contain

Multi-select*

Array/list: [item1, item2, item3]

"value": ["source1", "source2", "source3"]


free text

[string]

Vulnerability

[vulnerability]

Status

[status]

is, is not

Multi-select out of:*

  • False Positive: [falsePositive]

  • Fixed: [fixed]

  • In Progress: [inProgress]

  • Risk Acknowledged: [riskAcknowledged]

  • Vulnerable: [vulnerable]

Array/list: [item1, item2, item3]

"value": ["source1", "source2", "source3"]

Asset

[asset]

Name

[name]

is, is not, contains, does not contain, in regex, not in regex

free text

[string]

Supported regex: Perl-Compatible Regular Expressions (PCRE). For example, ^\d{3}-\d{2}-\d{4}.

Asset

[asset]

Type

[type]

is, is not

Multi-select out of:*

  • Cloud Resources: [cloud_resources]

  • Code Project: [code_project]

  • Host: [host]

  • Image: [repository]

  • Website: [website]

Array/list: [item1, item2, item3]

"value": ["type1", "type2", "type3"]

Asset

[asset]

Connector

[connector]

is, is not

Multi-select*

Array/list: [item1, item2, item3]

"value": ["connector1", "connector2", "connector3"]

Asset

[asset]

Source

[connector_type]

is, is not

Multi-select*

Array/list: [item1, item2, item3]

"value": ["source1", "source2", "source3"]

Asset

[asset]

Business Group

[business_group]

is, is not


contains, does not contain


is empty, is not empty

Multi-select*

Array/list: [item1, item2, item3]

"value": ["bg1", "bg2", "bg3"]


free text [string]


Boolean [null]

Asset

[asset]

Asset Tag

[asset_tag]

is, is not


contains, does not contain


is empty, is not empty

Multi-select*

Array/list: [item1, item2, item3]

"value": ["tag1", "tag2", "tag3"]


free text

[string]


Boolean [null]

Asset

[asset]

OS

[os]

is, is not

Multi-select*

Array/list: [item1, item2, item3]

"value": ["bg1", "bg2", "bg3"]

Asset

[asset]

OS and Version

[os_and_version]

is, is not

Multi-select*

Array/list: [item1, item2, item3]

"value": ["bg1", "bg2", "bg3"]

Asset

[asset]

OS End of Life

[os_eol]

reached, did not reach


will reach within, will reach after, in the last, in more than

Boolean [null]


Number (days)

"14"

Asset

[asset]

Cloud Instance ID

[cloud_instance_id]

contains, does not contain, is, is not


is empty, is not empty

free text

[string]


Boolean [null]

Asset

[asset]

Last Seen

[last_seen]

between


before
after


in more than

before (days)
[before days]

in the last
[in last]

Date range

["2024-11-11", "2024-11-20"]


Date
"2024-11-20"


Number (days)

"14"

Asset

[asset]

First Seen

[first_seen]

between


before
after


in more than

before (days)
[before days]

in the last
[in last]

Date range

["2024-11-11", "2024-11-20"]


Date
"2024-11-20"


Number (days)

"14"

Asset

[asset]

SLA Status

[sla_status]

compliant, exceeding

Boolean [null]

Asset

[asset]

SLA

[sla]

in the last
[in last]

in more than

in less than
[within]

Number (days)

"14"

Asset

[asset]

IP

[ip]

is, is not


contains, does not contain


in subnet, not in subnet

IP address (x.x.x.x)


free text

[string]



Set IP range in CIDR format (x.x.x.x/xx)

10.0.0.16/24"

Asset

[asset]

FQDN

[fqdn]

contains, does not contain

free text

[string]

Asset

[asset]

Port

[port]

is, is not, contains, does not contain

Number (port number)

Asset

[asset]

External Facing

[external_facing]

is, is not


is true, is false

Multi-select*

Array/list: [item1, item2, item3]

"value": ["bg1", "bg2", "bg3"]


Boolean [null]

Asset

[asset]

Scan Coverage

[scan_coverage]

is true, is false

Boolean [null]

Asset

[asset]

Repo Name

[repo_name]

is, is not


contains, does not contain,

Multi-select*

Array/list: [item1, item2, item3]

"value": ["bg1", "bg2", "bg3"]


free text

[string]

Asset

[asset]

Dynamic Property

[ownership_property]

is, is not


does not exist, exists


contains, does not contain

Multi-select*

Array/list: [item1, item2, item3]

"value": ["bg1", "bg2", "bg3"]


Boolean [null]


free text

[string]

Risk

[risk]

Score

[risk_score]

is, is not, greater than, less than

Number:

Critical: ["100, 90"]

High: ["89, 70"]

Medium: ["69, 40"]

Low: ["39, 1"]

None: ["0, 0"]

Risk

[risk]

Level

[risk_level]

is, is not

Multi-select*

Array/list: [item1, item2, item3]

"value": ["bg1", "bg2", "bg3"]

Risk

[risk]

**SPR

[spr_threshold]

is above threshold [greater than]


is within accepted threshold [less than]


moved above threshold [moved_above_threshold]

moved to within accepted threshold [moved_within_threshold]

Boolean

[null]



Date range

["2024-11-11", "2024-11-20"]

Connector

[connector]

Tenablesc Pluginid

[tenablesc_pluginid]

contains, does not contain


is empty, is not empty

free text

[string]


Boolean

[null]

Connector

[connector]

Tenableio Pluginid

[tenableio_pluginid]

contains, does not contain


is empty, is not empty

free text

[string]


Boolean

[null]

Connector

[connector]

Aqua Results

[aqua_results]

is, is not

Multi-select*

Array/list: [item1, item2, item3]

"value": ["bg1", "bg2", "bg3"]

Connector

[connector]

Hackerone Assigned To

[hackerone_assigned_to]

is, is not


contains, does not contain

Multi-select*

Array/list: [item1, item2, item3]

"value": ["bg1", "bg2", "bg3"]


free text

[string]

Connector

[connector]

Hackerone State

hackerone_state

is, is not


contains, does not contain

Multi-select*

Array/list: [item1, item2, item3]

"value": ["bg1", "bg2", "bg3"]


free text

[string]

Connector

[connector]

Hackerone Affected Asset

[hackerone_affected_asset]

is, is not


contains, does not contain

Multi-select*

Array/list: [item1, item2, item3]

"value": ["bg1", "bg2", "bg3"]


free text

[string]

Connector

[connector]

Prismacloud Vuln. Type

[prismacloud_vuln_type]

contains, does not contain

free text

[string]

Connector

[connector]

Qualys Vuln. QID

[qualys_qid]

is, is not


contains, does not contain

Multi-select*

Array/list: [item1, item2, item3]

"value": ["bg1", "bg2", "bg3"]


free text

[string]

Connector

[connector]

Qualys Vuln. Type

[qualys_vuln_type]

contains, does not contain

free text

[string]

Connector

[connector]

AWS Account ID

[aws_account_id]

is, is not


contains, does not contain

Multi-select*

Array/list: [item1, item2, item3]

"value": ["bg1", "bg2", "bg3"]


free text

[string]

Footnotes

  • *For dynamic inputs (e.g., multi-select options), users are advised to perform a GET request to retrieve the available options for their tenant or environment. This ensures accurate and context-specific queries.

  • **SPR threshold operators:

    • Is Above Threshold - Identify instances where SPR exceeds your defined limits.

    • Is Within Accepted Threshold - Filter for instances maintaining SPR within your acceptable range.

    • Moved Above Threshold - Use the Date Picker to track when an SPR has exceeded the threshold.

    • Moved to Within Accepted Threshold - Utilize the Date Picker to determine when an SPR has improved and fallen within the desired threshold.

Did this answer your question?