Examine a Device Profile

You can examine the details about your devices by looking at their profiles, which displays the data that Axonius collected and correlated from multiple sources.

To learn more about Device Profile, see:

• Asset Profile page
• Asset Profile Page - Complex Fields

To Achieve this Milestone

Search for a device and examine its profile using one of the following methods:

• Search icon on any Axonius page - to search for a specific asset.
• Devices page - run a saved query or create your own to get a desired list of devices.

Searching for Assets

The search bar enables free text search to identify and investigate a specific asset.

To search for assets:

1. Click the search icon to open the search bar on any Axonius page.
2. Enter the text to be searched.
   When you search for a specific text, the search is executed on the main device or user attributes, including:
   • Devices - asset name, host, manufacturer serial number, MAC addresses, IP addresses, last used users and tags.
   • Users - mail, username, first name, last name, tag.
3. The Search page opens, displaying the results in two separate tables, Devices and Users, sorted by the number of solutions discovered on the asset ('Adapter Connections' column).

4. In the search page, you can:
   • Investigate a specific asset - click any device or user record to review its details. For details, see Asset Profile page.
   • View the entire device or user list of results - click 'View in Devices' or 'Click in Users' will display the complete list of results. For details, see Devices page and Users page.

You can add Axonius as an "other search engine" in Google Chrome to search for assets in Axonius directly from Google Chrome address bar.
For more details, see Searching for Assets.

Running a Saved Query

The Devices page displays all the collected devices for the chosen query. The query name is displayed above the search bar.
If no query has been chosen, the page displays all collected devices.

To run a saved query:

1. Click the Assets icon and from the left-pane, select Devices

2. Click Saved Queries on the top right corner above the query results table. The Queries page opens, displaying all the saved queries filtered by device entities.
   

3. Search for a query and click its record to view its details and then run it.

4. Click any device record to review its details. For details, see Asset Profile page.

5. Click Asset Investigation to see more details about events on a specific asset.

For more details on working with saved queries, see Saved Queries.

Running your Own Query

Use the Query Wizard to create granular queries to understand how assets adhere to their policies.

To create and run your own query:

1. From the Devices page, click Query Wizard on the top right corner above the Devices table.

2. Use the Query Wizard to add filtering expressions on different properties of devices. You can create multiple filter expressions and decide on the logical operators between them to create complex filtering conditions.

   For example, the expression below filters all devices with a Windows operating system (OS: Type) that were seen in Axonius in the last 7 days:

• The Query Wizard consists of the following elements which require user input to create a filter expression:
  1. WHERE/WHERE NOT switch
  2. AND / OR/ AND NOT/ OR NOT switch
  3. NOT Flag
  4. Source drop-down
  5. Adapter drop-down
  6. Field drop-down
  7. Operator drop-down
  8. Value field
  9. Bracket controls
     
     

3. To run the query, click Search.
4. Click any device record to review its details. For details, see Asset Profile page.

To learn more about Query Wizard elements and advanced querying, see Creating Queries with the Query Wizard.