SPQL command line utility

Prev Next

The SPQL command-line client (spql_cli.py) allows users to run SPQL queries or generate JSON-encoded queries for tools like curl or Postman. Refer to SPQL Syntax Rules and SPQL Query Examples for query construction.

Installation

The SPQL command-line client (spql_cli.py) allows users to run SPQL queries or generate JSON-encoded queries for tools like curl or Postman. Refer to SPQL Syntax Rules (#learn-syntax-rules) and SPQL Query Examples (#read-query-examples) for query construction.

Syntax

 spql_cli.py [OPTION]

Options

Option

Description

-q, --query 'TEXT'

(Required) SPQL query as a string.

-f, --fields TEXT

Comma-separated field names in square brackets (e.g., [domain,ip]). Can be set as SPQL_FIELDS environment variable.

-s, --sort TEXT

Comma-separated sort fields/orders in square brackets (e.g., [domain/asc,scan_date/desc]). Can be set as SPQL_SORT.

--api-key TEXT

(Required) Silent Push API key. Can be set as SPQL_API_KEY  environment variable.

--limit INTEGER

Maximum results to return.

--skip INTEGER

Number of results to skip.

--with_metadata INTEGER <0 1>

Include metadata with results.

-e, --echo-query

Display JSON-encoded query without executing it.

-h, --help

Show this message and exit

Environment variables

  • API key: export SPQL_API_KEY=<api_key>

  • Fixed fields: export SPQL_FIELDS=[domain,hostname,ip,url,htmltitle]

  • Sort order: export SPQL_SORT=[domain/asc,scan_date/desc]

Example

Search for servers with specific content-type, excluding Apache/nginx, that have opendirectory and cpanel in their SSL names, were scanned in the last 30 days, and are filtered by regex and TLD.

export SPQL_SORT=[domain/asc,scan_date/desc]

Note: Use —echo-query to generate JSON for SPQL API Functionality.
See
SPQL Data Sources for targeting specific repositories.