What Wildcards Can Be Used for Search Queries?
Article ID: 291723
Updated On:
Products
Carbon Black Cloud Endpoint Standard (formerly Cb Defense)
Carbon Black Cloud Audit and Remediation
Carbon Black Cloud Audit and Remediation (formerly Cb Live Ops)
Carbon Black Cloud Container
Carbon Black Cloud Endpoint Standard
Carbon Black Cloud Enterprise EDR
Carbon Black Cloud Enterprise EDR (formerly Cb Threathunter)
Carbon Black Cloud Managed Detection (formerly Cb Threatsight)
Carbon Black Cloud Managed Detection and Response
Carbon Black Cloud Managed Threat Hunting
Carbon Black Cloud Prevention
Carbon Black Cloud Workload
Issue/Introduction
What wildcards can be used for search queries?
Environment
- Carbon Black Cloud Console
Resolution
| Wildcard | Description | Example |
|---|---|---|
| ? | 1 character wildcard | "wordfile?" or "?:\" |
| * | 1 to many characters in single directory |
"*\file.exe" matches "c:\file.exe" |
| ** | recursive wildcard on many subdirectories |
"c:\**\file.exe" matches "c:\<dir>\<subdir>\..\file.exe" |
Additional Information
The noted Wildcards currently require being used as trailing 3 characters at least.
You can use Logical Operators to combine searches and filter out unwanted search results. If you are trying to search for a file extension for example, you may need to use:
You can use Logical Operators to combine searches and filter out unwanted search results. If you are trying to search for a file extension for example, you may need to use:
<file extension you are searching for> AND (NOT all.app.name:<application that is not related to what you're searching for> OR NOT all.app.name:<other application or applications you want filtered out>)
Feedback
Yes
No
Powered by
