Advanced Search

Advanced Search lets you query Validin's infrastructure data across multiple data sources simultaneously using the Validin Query Language (VQL). It is designed for analysts who need precise, structured queries beyond what standard search supports.

🚧

Advanced Search is in Beta

Advanced Search is currently in Beta and available to Enterprise Users only. We are actively soliciting feedback to continue improving the user experience before a wider launch.

Writing a Query

Queries are written in the Validin Query Language (VQL). The query editor supports autocomplete: as you type, suggestions will appear for prefixes, field names, operators, and values to help you build valid queries quickly.

For a full reference of supported syntax, fields, and operators, see the Validin Query Language documentation.

Results

When a query runs successfully, results are returned as a table. Each row represents a matched indicator (domain or IP address),. You can click into any row to explore additional context about the indicator.

Bookmarking and Search Sessions

In the top right corner of the results view you can:

• Bookmark the query to save it for quick access later.
• Add to a new search session to group this query alongside related searches for a specific investigation.

To learn more about managing bookmarks and search sessions, see the Search History & Search Sessions documentation.