You can create a custom advanced query with granular search capabilities using EQL syntax to better find and resolve cyberthreats. Advanced query offers deep visibility into your CylanceOPTICS environment, expansive query options, and optimized workflows that allow you to combine related searches to reveal new insights. Advanced query is supported for devices with the CylanceOPTICS agent version 3.0 or later.
If you don’t set the scope, the query applies to all zones and devices.
If you don’t set a range, the query applies to all available data.
You can perform actions from certain results. For example, you can request and view focus data or quarantine a file.
Now you know how to create an advanced query for CylanceOPTICS.
For more information about advanced queries, take a look at Create an advanced query in the Cylance Endpoint Security Administration Guide.