Skip to main content
All CollectionsSettings and AccountVulcan API
Magic Search (VMS) UI and API Reference Guide
Magic Search (VMS) UI and API Reference Guide
Updated this week

About

This guide is a comprehensive reference for Magic Search parameters, operators, and input types available in both the UI and APIv2 of the Vulcan Cyber ExposureOS platform. It provides a detailed mapping of each parameter, highlighting their usage and variations between the two interfaces.

Legend

  • Fields in square brackets [X] are specific to the API.

  • Fields without brackets are UI-specific.

  • Operators are consistent between UI and API unless explicitly noted in brackets for API.

Magic Search Parameters and Operators (UI vs API)

Category

[category_name]

Parameter

[parameter_name]

Operators

[operator]

Input per operator

[value]

Vulnerability

[vulnerability]

Name

[name]

is, is not, contains, does not contain, in regex, not in regex

free text

[string]

Supported regex: Perl-Compatible Regular Expressions (PCRE). For example, ^\d{3}-\d{2}-\d{4}.

Vulnerability

[vulnerability]

Source

[vuln_source]

is, is not

Multi-select*

Array/list: [item1, item2, item3]

"value": ["source1", "source2", "source3"]

Vulnerability

[vulnerability]

CVE

[cve]

is, is not

contains, does not contain

is empty, is not empty

Multi-select*

Array/list: [item1, item2, item3]

"value": ["source1", "source2", "source"]

free text

[string]


Boolean

[null]

Vulnerability

[vulnerability]

CWE

[cwe]

is, is not, contains, does not contain

is empty, is not empty

free text

[string]

Boolean

[null]

Vulnerability

[vulnerability]

CVSS

[cvss]

is, is not, greater than, less than

is empty, is not empty

Numbers (0.0–10.0)
​"9.5"

Boolean

[null]

Vulnerability

[vulnerability]

EPSS

[epss]

is, is not, greater than, less than

is empty, is not empty

Percentage (0–100%)
90"

Boolean

[null]

Vulnerability

[vulnerability]

Fix Type

[has_fix]

is, is not

any fix, no fix

Multi-select*

Array/list: [item1, item2, item3]

"value": ["Fixtype1", "Fixtype2", "Fixtype3"]

Boolean

[null]

Vulnerability

[vulnerability]

Patchable

[is_patchable]

is true, is false

Boolean

[null]

Vulnerability

[vulnerability]

Publish Date

[publish_date]

between

before
after

before days

in the last
[in last]

Date range

["2024-11-11", "2024-11-20"]

Date
"2024-11-20"

Number (days)

"14"

Vulnerability

[vulnerability]

Last Seen

[last_seen]

between

before
after

in more than

before (days)
[before days]

in the last
[in last]

Date range

["2024-11-11", "2024-11-20"]

Date
"2024-11-20"

Number (days)

"14"

Vulnerability

[vulnerability]

First Seen

[first_seen]

between

before


after

in more than

before (days)
[before days]

in the last
[in last]

Date range

["2024-11-11", "2024-11-20"]

Date
"2024-11-20"

Number (days)

"14"

Vulnerability

[vulnerability]

Modified on

[modified on]

between

before


after

in more than

before (days)
[before days]

in the last
[in last]

in less than
[within]

Date range

["2024-11-11", "2024-11-20"]

Date
"2024-11-20"

Number (days)

"14"

Vulnerability

[vulnerability]

Fixed on

[fixed on]

between

before
after

before (days)
[before days]

in the last
[in last]

Date range

["2024-11-11", "2024-11-20"]

Date
"2024-11-20"

Number (days)

"14"

Vulnerability

[vulnerability]

Threats tag

[threats]

is, is not

contains, does not contain


is empty, is not empty

Multi-select*

Array/list: [item1, item2, item3]

"value": ["source1", "source2", "source3"]

free text

[string]

Boolean

[null]

Vulnerability

[vulnerability]

Maturity rank

[maturity_rank]

is, is not

is empty

Multi-select*

Array/list: [item1, item2, item3]

"value": ["source1", "source2", "source3"]

Boolean

[null]

Vulnerability

[vulnerability]

vulnerability tag

[vulnerability_tag]

is, is not

contains, does not contain

is empty, is not empty

Multi-select*

Array/list: [item1, item2, item3]

"value": ["source1", "source2", "source3"]

free text

[string]

Boolean

[null]

Vulnerability

[vulnerability]

Affected Package

[affected_package]

is, is not, contains, does not contain

free text

[string]

Vulnerability

[vulnerability]

Asset count

[assets_count]

is, is not, greater than, less than

Number

Vulnerability

[vulnerability]

Affected vendor

[vendor]

is, is not


contains, does not contain

Multi-select*

Array/list: [item1, item2, item3]

"value": ["source1", "source2", "source3"]

free text

[string]

Vulnerability

[vulnerability]

Status

[status]

is, is not

Multi-select out of:*

  • False Positive: [falsePositive]

  • Fixed: [fixed]

  • In Progress: [inProgress]

  • Risk Acknowledged: [riskAcknowledged]

  • Vulnerable: [vulnerable]

Array/list: [item1, item2, item3]

"value": ["source1", "source2", "source3"]

Asset

[asset]

Name

[name]

is, is not, contains, does not contain, in regex, not in regex

free text

[string]

Supported regex: Perl-Compatible Regular Expressions (PCRE). For example, ^\d{3}-\d{2}-\d{4}.

Asset

[asset]

Type

[type]

is, is not

Multi-select out of:*

  • Cloud Resources: [cloud_resources]

  • Code Project: [code_project]

  • Host: [host]

  • Image: [repository]

  • Website: [website]

Array/list: [item1, item2, item3]

"value": ["type1", "type2", "type3"]

Asset

[asset]

Connector

[connector]

is, is not

Multi-select*

Array/list: [item1, item2, item3]

"value": ["connector1", "connector2", "connector3"]

Asset

[asset]

Source

[connector_type]

is, is not

Multi-select*

Array/list: [item1, item2, item3]

"value": ["source1", "source2", "source3"]

Asset

[asset]

Business Group

[business_group]

is, is not

contains, does not contain

is empty, is not empty

Multi-select*

Array/list: [item1, item2, item3]

"value": ["bg1", "bg2", "bg3"]

free text [string]

Boolean [null]

Asset

[asset]

Asset Tag

[asset_tag]

is, is not

contains, does not contain

is empty, is not empty

Multi-select*

Array/list: [item1, item2, item3]

"value": ["tag1", "tag2", "tag3"]

free text

[string]

Boolean [null]

Asset

[asset]

OS

[os]

is, is not

Multi-select*

Array/list: [item1, item2, item3]

"value": ["bg1", "bg2", "bg3"]

Asset

[asset]

OS and Version

[os_and_version]

is, is not

Multi-select*

Array/list: [item1, item2, item3]

"value": ["bg1", "bg2", "bg3"]

Asset

[asset]

OS End of Life

[os_eol]

reached, did not reach

will reach within, will reach after, in the last, in more than

Boolean [null]

Number (days)

"14"

Asset

[asset]

Cloud Instance ID

[cloud_instance_id]

contains, does not contain, is, is not

is empty, is not empty

free text

[string]

Boolean [null]

Asset

[asset]

Last Seen

[last_seen]

between

before
after

in more than

before (days)
[before days]

in the last
[in last]

Date range

["2024-11-11", "2024-11-20"]

Date
"2024-11-20"

Number (days)

"14"

Asset

[asset]

First Seen

[first_seen]

between

before
after

in more than

before (days)
[before days]

in the last
[in last]

Date range

["2024-11-11", "2024-11-20"]

Date
"2024-11-20"

Number (days)

"14"

Asset

[asset]

SLA Status

[sla_status]

compliant, exceeding

Boolean [null]

Asset

[asset]

SLA

[sla]

in the last
[in last]

in more than

in less than
[within]

Number (days)

"14"

Asset

[asset]

IP

[ip]

is, is not

contains, does not contain

in subnet, not in subnet

IP address (x.x.x.x)

free text

[string]


Set IP range in CIDR format (x.x.x.x/xx)

10.0.0.16/24"

Asset

[asset]

FQDN

[fqdn]

contains, does not contain

free text

[string]

Asset

[asset]

Port

[port]

is, is not, contains, does not contain

Number (port number)

Asset

[asset]

External Facing

[external_facing]

is, is not

is true, is false

Multi-select*

Array/list: [item1, item2, item3]

"value": ["bg1", "bg2", "bg3"]

Boolean [null]

Asset

[asset]

Scan Coverage

[scan_coverage]

is true, is false

Boolean [null]

Asset

[asset]

Repo Name

[repo_name]

is, is not

contains, does not contain,

Multi-select*

Array/list: [item1, item2, item3]

"value": ["bg1", "bg2", "bg3"]

free text

[string]

Asset

[asset]

Dynamic Property

[ownership_property]

is, is not

does not exist, exists

contains, does not contain

Multi-select*

Array/list: [item1, item2, item3]

"value": ["bg1", "bg2", "bg3"]

Boolean [null]

free text

[string]

Risk

[risk]

Score

[risk_score]

is, is not, greater than, less than

Number:

Critical: ["100, 90"]

High: ["89, 70"]

Medium: ["69, 40"]

Low: ["39, 1"]

None: ["0, 0"]

Risk

[risk]

Level

[risk_level]

is, is not

Multi-select*

Array/list: [item1, item2, item3]

"value": ["bg1", "bg2", "bg3"]

Risk

[risk]

**SPR

[spr_threshold]

is above threshold [greater than]


is within accepted threshold [less than]

moved above threshold [moved_above_threshold]

moved to within accepted threshold [moved_within_threshold]

Boolean

[null]


Date range

["2024-11-11", "2024-11-20"]

Connector

[connector]

Tenablesc Pluginid

[tenablesc_pluginid]

contains, does not contain

is empty, is not empty

free text

[string]

Boolean

[null]

Connector

[connector]

Tenableio Pluginid

[tenableio_pluginid]

contains, does not contain

is empty, is not empty

free text

[string]

Boolean

[null]

Connector

[connector]

Aqua Results

[aqua_results]

is, is not

Multi-select*

Array/list: [item1, item2, item3]

"value": ["bg1", "bg2", "bg3"]

Connector

[connector]

Hackerone Assigned To

[hackerone_assigned_to]

is, is not

contains, does not contain

Multi-select*

Array/list: [item1, item2, item3]

"value": ["bg1", "bg2", "bg3"]

free text

[string]

Connector

[connector]

Hackerone State

hackerone_state

is, is not

contains, does not contain

Multi-select*

Array/list: [item1, item2, item3]

"value": ["bg1", "bg2", "bg3"]

free text

[string]

Connector

[connector]

Hackerone Affected Asset

[hackerone_affected_asset]

is, is not

contains, does not contain

Multi-select*

Array/list: [item1, item2, item3]

"value": ["bg1", "bg2", "bg3"]

free text

[string]

Connector

[connector]

Prismacloud Vuln. Type

[prismacloud_vuln_type]

contains, does not contain

free text

[string]

Connector

[connector]

Qualys Vuln. QID

[qualys_qid]

is, is not

contains, does not contain

Multi-select*

Array/list: [item1, item2, item3]

"value": ["bg1", "bg2", "bg3"]

free text

[string]

Connector

[connector]

Qualys Vuln. Type

[qualys_vuln_type]

contains, does not contain

free text

[string]

Connector

[connector]

AWS Account ID

[aws_account_id]

is, is not

contains, does not contain

Multi-select*

Array/list: [item1, item2, item3]

"value": ["bg1", "bg2", "bg3"]

free text

[string]

Footnotes

  • *For dynamic inputs (e.g., multi-select options), users are advised to perform a GET request to retrieve the available options for their tenant or environment. This ensures accurate and context-specific queries.

  • **SPR threshold operators:

    • Is Above Threshold - Identify instances where SPR exceeds your defined limits.

    • Is Within Accepted Threshold - Filter for instances maintaining SPR within your acceptable range.

    • Moved Above Threshold - Use the Date Picker to track when an SPR has exceeded the threshold.

    • Moved to Within Accepted Threshold - Utilize the Date Picker to determine when an SPR has improved and fallen within the desired threshold.

Related Articles
Vulcan ConnectX (Vulcan Report) Connector
Working with Vulcan API v1
API Paths and Endpoints
API v1 Use Case Code Examples
Magic Search and Filters (VMS)
Did this answer your question?