1 of 1

Violation Filter Operators

This document describes all the operators provided by Nightfall to perform search operations on the Violations page. You can use these operators to search for specific violations.

Nightfall provides you with two types of operators which are described in the following sections.

General Operators

Operator Name

Description

annotation_comment

This operator allows you to filter violations using the annotation comments.

annotation_type

confidence

This operator allows you to filter violations using the Confidence level which can either be Possible, likely, or Very Likely.

detection_rule_id

This operator allows you to filter violations using the unique detection rule ID.

detector_id

This operator allows you to filter violations using the unique detector ID.

file_name

This operator allows you to filter violations using the name of the file that triggered the violated

file_type

This operator allows you to filter violations using the type of file that triggered the violation.

integration_name

This operator allows you to filter violations using the integration name.

policy_id

This operator allows you to filter violations using the unique ID of the policy.

policy_name

This operator allows you to filter violations using the name of the policy.

post_context

pre_context

quote

This operator allows you to filter violations using the quote.

user_email

This operator allows you to filter violations using the

user_name

This operator allows you to filter violations using the name of the user who triggered the violation.

violation_id

This operator allows you to filter violations using the unique ID of the violation.

Integration Operators

Confluence Operators

Confluence.parent_page_name

This operator allows you to filter violations using the Confluence page's parent page name in which the violation was discovered.

Confluence.space_name

This operator allows you to filter violations using Confluence's space name in which the violation was discovered.

GitHub Operators

GitHub.author_email

This operator allows you to filter violations using the Email ID of the GitHub user who triggered the violation.

GitHub.branch

This operator allows you to filter violations using the name of the GitHub branch in which the violation was triggered.

GitHub.commit

This operator allows you to filter violations using the GitHub commit ID in which the violation was discovered.

GitHub.org

This operator allows you to filter violations using the GitHub organization name in which the violation was discovered.

github.repository

This operator allows you to filter violations using the GitHub repository name in which the violation was discovered.

github.repository_owner

This operator allows you to filter violations using the name of the GitHub repository owner in which the violation was discovered.

JIRA Operators

jira.project_name

This operator allows you to filter violations using the name of the JIRA project in which the violation was discovered.

jira.ticket_number

This operator allows you to filter violations using the ticket number of the JIRA in which the violation was discovered.

Notion Operators

notion.created_by

This operator allows you to filter violations using the name of the user who created the notion page in which the violation was discovered.

notion.last_edited_by

This operator allows you to filter violations using the name of the user who last edited the notion page in which the violation was discovered.

Notion.page_title

This operator allows you to filter violations using the title of the page in which the violation was discovered.

notion.workspace_name

This operator allows you to filter violations using the name of the Notion workspace in which the violation was discovered.

Slack Operators

Slack.channel_id

This operator allows you to filter violations using the ID of the Slack channel in which the violation was discovered.

Slack.channel_name

This operator allows you to filter violations using the name of the Slack channel in which the violation was discovered.

slack.workspace

This operator allows you to filter violations using the name of the Slack Workspace in which the violation was discovered.

MS Teams

teams.channel_name

This operator allows you to filter violations using the name of the channel in which the violation was discovered.

teams.channel_type

This operator allows you to filter violations using the channel type name in which the violation was discovered.

teams.msg_attachment

teams.msg_importance

teams.sender

This operator allows you to filter violations using the name of the sender who triggered the violation.

teams.team_name

This operator allows you to filter violations using the name of the team in which the violation occured.

teams.team_sensitivity

Zendesk

zendesk.current_user_role

This operator allows you to filter violations using the name of the current user who triggered the violation.

zendesk.ticket_group_assignee

This operator allows you to filter violations using the name of the group to which the violation ticket is assigned.

zendesk.ticket_status

This operator allows you to filter violations using the Zendesk ticket status.

zendesk.ticket_title

This operator allows you to filter violations using the name of the Ticket.