Cisco
Login
Search
Software Secure Workload
Activity Configure

Manage Inventory for Secure Workload Scopes and Inventory Inventory Searching Inventory

Last updated: Jun 09, 2025

Searching Inventory

Searching for inventory displays information about specific inventory items.

Inventory Search
Figure 1: Inventory Search

Procedure

1

From the navigation pane, choose Organize > Scopes and Inventory.
2

Enter the attributes in the Filters field for the inventory items that you are looking for. The attributes include the following:

Attributes

Description

Hostname

Enter a full or partial hostname.

VRF Name

Enter a VRF name.

VRF ID

Enter a VRF ID (numeric).

Address

Enter a valid IP address or subnet (IPv4 or IPv6).

Address Type

Enter either IPv4 or IPv6.

OS

Enter an OS name (e.g. CentOS).

OS Version

Enter an OS version (e.g. 6.5).

Interface Name

Enter an interface name (e.g. eth0).

MAC

Enter a MAC address.

In Collection Rules?

Enter true or false.

Process Command Line

Enter the substring of a command that is running on host (Note: this facet cannot be saved as part of inventory filter).

Process Binary Hash

Enter the process hash of a command that is running on the host (Note: this facet cannot be saved as part of inventory filter).

Package Info

Enter the package name optionally followed by a package version (prefixed by #).

Package CVE

Enter part of or a complete CVE ID.

CVE Score v2

Enter a CVSSv2 (Common Vulnerability Scoring System) score (numeric).

CVE Score v3

Enter a CVSSv3 (Common Vulnerability Scoring System) score (numeric).

Cisco Security Risk Score

Enter a Cisco Security Risk Score (numeric).

Severity (Cisco Security Risk Score)

Enter a Cisco Security Risk Score severity: High, Medium, or Low.

Active Internet Breach (Cisco Security Risk Score)

Indicates whether CVE is part of Active Internet Breach activity across organisations. Enter true or false.

Easily Exploitable (Cisco Security Risk Score)

Indicates whether CVE has known exploit kits. Enter true or false.

Fix Available (Cisco Security Risk Score)

Indicates whether a fix is available for the CVE. Enter true or false.

Malware Exploitable (Cisco Security Risk Score)

Indicates whether CVE can be actively exploited with malware including trojans, worms, ransomware, and others. Enter true or false.

Popular Targets (Cisco Security Risk Score)

Indicates whether CVE is detected in high volume by other Cisco Vulnerability Management clients. Enter true or false.

Predicted Exploitable (Cisco Security Risk Score)

Indicates whether CVE is expected to have an Active Internet Breach in the future. Enter true or false.

User Labels

Attributes prefixed with come from user labels.
3

Click Search Inventory. The results are displayed below the Filters field that is grouped into four tabs. Each tab displays a table with the relevant columns. Additional columns can be displayed by clicking on the funnel icon in the table header. If any user labels are available, they will be prefixed with and can be toggled here.

Inventory Search Results
Figure 2: Inventory Search Results
Inventory Search Results
Figure 3: Inventory Search Results

The search results are grouped into four tabs:

Tab

Description

Services

Lists the Kubernetes services and load balancers discovered through External Orchestrators. This tab is hidden unless a related external orchestrator is configured.

Pods

Lists the Kubernetes pods. This tab is hidden unless a related external orchestrator is configured.

Workloads

Lists the inventory items reported by Secure Workload agents.

IP Addresses

Lists the inventory items discovered through:

  • inventory upload

  • learning from flows

  • manually uploaded labels

  • labels ingested through connectors and external orchestrators

Additionally, the lists from subnets reported from the same sources.

 

By default, the catch all subnets for IPv4 and IPv6 addresses display in each tenant.

There is also a mention of the inventory count next to each tab. The immediately available information in a search includes hostname, IP Addresses with subnets, OS, OS Version, Service Name and Pod Name. The list of displayed columns can be toggled by clicking the funnel icon in the table header. Search results are restricted to the currently selected scope shown in the scope directory. More information can be seen on the respective profile page by clicking on an item in the search results.

More details about each host is displayed on the Workload Profile, which is accessible by clicking on the IP address field of a search result row. See the Workload Profile for more information.

To create Inventory Filters via the sidebar: Choose Organize > Inventory Filters from the top-level menu. Click the Create Filter button. A modal dialog appears where you can name your saved filter.
Previous topic Inventory Next topic Suggest Child Scopes