Integer fields are integer values (whole numbers, including 0). If it exists, the values are from 0 to MAXINT.
Two types of search syntax are supported:
X: Matches all fields with preciselyX. For example,fileless_scriptload_cmdline_length:2048for processes with fileless scriptloads with command line contents containing exactly 2048 characters.X TO Y: Matches all fields with integer values>=Xand<=Y. For example,fileless_scriptload_cmdline_length:[1 TO 2048]for processes with fileless scriptloads with command line contents containing between 1 and 2048 characters.
In both cases, either X or Y can be replaced with a wildcard * (if the Block Searches with Leading Wildcards setting in the Process Search Settings section of the Advanced Settings page is disabled). For example, fileless_scriptload_cmdline_length:* for any processes with fileless scriptloads where the fileless_scriptload_cmdline_length field exists (command line contents containing any number of characters). fileless_scriptload_cmdline_length:[1 TO *] for any processes with fileless scriptloads with command line contents containing more than 1 character.
