I think this might help you with creating your query. Once you put this sql query in, you can then select the desired Asset Group via the “Select Sites, Assets, Asset Groups or Tags” settings. You can also apply the vulnerability filter of include specific (i.e. Microsoft Patch) from the web reporting interface. If you copy/paste from here, you might have to delete the quotations (") and type them in manually if you experience errors.
Query:
SELECT da.ip_address,da.host_name,dos.description,vuln.title AS "Vulnerability Title", vuln.severity AS "Severity" FROM fact_asset_vulnerability_finding AS favf JOIN dim_vulnerability AS vuln ON favf.vulnerability_id = vuln.vulnerability_id JOIN dim_asset_group_asset AS daga ON favf.asset_id = daga.asset_id JOIN dim_asset_group AS dag ON daga.asset_group_id = dag.asset_group_id JOIN dim_scope_asset_group AS dsag ON dag.asset_group_id = dsag.asset_group_id JOIN dim_asset AS da ON favf.asset_id = da.asset_id JOIN dim_operating_system as dos ON dos.operating_system_id = da.operating_system_id WHERE favf.vulnerability_instances > 0 GROUP BY vuln.title, da.ip_address, dag.name, vuln.severity, da.host_name,dos.description ORDER BY dag.name