About SIQL

Security Intelligence Query Language (SIQL) is a domain-specific query language designed to query Policy Planner tickets. "Domain-specific" means SIQL knows about tickets, devices, policies, and rules, as well as their properties (like a device's name and vendor, a rule's source, source IP address, service protocol, service port, zones, comments, etc.).

You can use SIQL to answer questions like:

  • Which tickets have been completed in the last five days?

  • Which tickets have me as the requester name?

  • Which tickets have a specific due date?