CQL query to find endpoints not on recommended sensor version (Windows, macOS, Linux)
Hi all,
Is there any CQL query to find endpoints that are not on a specific sensor version (for example, our recommended n-1 version is 7.35.20709.0 for windows)?
We want to identify all devices across Windows, macOS, and Linux that are not running this sensor version, ideally also scoped by host group if possible.
Basically, we need a list of all devices that are not on the approved version.
Thanks in advance!