You've noticed some detection issue, performance, false positives, false negatives, etc. The relevant logs point you in the direction of a specific condition based on that condition ID, and you need to find the name of the condition and policy it is associated with.
When problematic conditions show up in the logs, there is no reference to the policy that condition is a part of, nor the name of the condition itself.
You can run the following SQL query to list the Policy and condition names, as well as their associated IDs. Simply replace<list of condition ids> with a comma separated list of conditionids found to be causing issues.
, p.name "PolicyName"
, dr.name "RuleName"
, cv.name "ConditionName"
from policy p
join detectionrule dr
on p.policyid = dr.policyid
join conditiondetectionrule cdr
on dr.toplevelconditionid = cdr.toplevelconditionid
join conditionview cv
on cdr.conditionid = cv.conditionid
where cdr.conditionid in (<list of condition ids>);