Violation Filter Operators
This document describes all the operators provided by Nightfall to perform search operations on the Violations page. You can use these operators to search for specific violations.
Nightfall provides you with two types of operators which are described in the following sections.
General Operators
Operator Name | Description |
---|---|
annotation_comment | This operator allows you to filter violations using the annotation comments. |
annotation_type | |
confidence | This operator allows you to filter violations using the Confidence level which can either be Possible, likely, or Very Likely. |
detection_rule_id | This operator allows you to filter violations using the unique detection rule ID. |
detector_id | This operator allows you to filter violations using the unique detector ID. |
file_name | This operator allows you to filter violations using the name of the file that triggered the violated |
file_type | This operator allows you to filter violations using the type of file that triggered the violation. |
integration_name | This operator allows you to filter violations using the integration name. |
policy_id | This operator allows you to filter violations using the unique ID of the policy. |
policy_name | This operator allows you to filter violations using the name of the policy. |
post_context | |
pre_context | |
quote | This operator allows you to filter violations using the quote. |
user_email | This operator allows you to filter violations using the |
user_name | This operator allows you to filter violations using the name of the user who triggered the violation. |
violation_id | This operator allows you to filter violations using the unique ID of the violation. |
Integration Operators
Confluence Operators
Confluence.parent_page_name
This operator allows you to filter violations using the Confluence page's parent page name in which the violation was discovered.
Confluence.space_name
This operator allows you to filter violations using Confluence's space name in which the violation was discovered.
GitHub Operators
GitHub.author_email
This operator allows you to filter violations using the Email ID of the GitHub user who triggered the violation.
GitHub.branch
This operator allows you to filter violations using the name of the GitHub branch in which the violation was triggered.
GitHub.commit
This operator allows you to filter violations using the GitHub commit ID in which the violation was discovered.
GitHub.org
This operator allows you to filter violations using the GitHub organization name in which the violation was discovered.
github.repository
This operator allows you to filter violations using the GitHub repository name in which the violation was discovered.
github.repository_owner
This operator allows you to filter violations using the name of the GitHub repository owner in which the violation was discovered.
JIRA Operators
jira.project_name
This operator allows you to filter violations using the name of the JIRA project in which the violation was discovered.
jira.ticket_number
This operator allows you to filter violations using the ticket number of the JIRA in which the violation was discovered.
Notion Operators
notion.created_by
This operator allows you to filter violations using the name of the user who created the notion page in which the violation was discovered.
notion.last_edited_by
This operator allows you to filter violations using the name of the user who last edited the notion page in which the violation was discovered.
Notion.page_title
This operator allows you to filter violations using the title of the page in which the violation was discovered.
notion.workspace_name
This operator allows you to filter violations using the name of the Notion workspace in which the violation was discovered.
Slack Operators
Slack.channel_id
This operator allows you to filter violations using the ID of the Slack channel in which the violation was discovered.
Slack.channel_name
This operator allows you to filter violations using the name of the Slack channel in which the violation was discovered.
slack.workspace
This operator allows you to filter violations using the name of the Slack Workspace in which the violation was discovered.
MS Teams
teams.channel_name
This operator allows you to filter violations using the name of the channel in which the violation was discovered.
teams.channel_type
This operator allows you to filter violations using the channel type name in which the violation was discovered.
teams.msg_attachment
teams.msg_importance
teams.sender
This operator allows you to filter violations using the name of the sender who triggered the violation.
teams.team_name
This operator allows you to filter violations using the name of the team in which the violation occured.
teams.team_sensitivity
Zendesk
zendesk.current_user_role
This operator allows you to filter violations using the name of the current user who triggered the violation.
zendesk.ticket_group_assignee
This operator allows you to filter violations using the name of the group to which the violation ticket is assigned.
zendesk.ticket_status
This operator allows you to filter violations using the Zendesk ticket status.
zendesk.ticket_title
This operator allows you to filter violations using the name of the Ticket.
Last updated