First you’d need to know how to send Session Relevance queries. I have a couple of brief examples at Passing relay property to client in software deployment task - #14 by JasonWalker
Once you can send Session Relevance queries, here’s an example that may be useful. You could also change the ‘exit code’ and ‘name’ filters to run any other query you like. In the example output, I was actually querying for name “MS23-FEB” and exit code 3010…
q: (ids of actions of it, name of computer of it|"Computername Not Reported", (id of it, name of site of it, name of it) of source fixlets of actions of it, start times of it, exit codes of it) of results whose (exit code of it = 3017) of bes actions whose (name of source fixlet of it contains "Edge")
A: 3248, DC, ( 502278209, Enterprise Security, MS23-FEB: Cumulative Update for .NET Framework 3.5/4.7.2 for Windows Server 2019 - Windows Server 2019 - .NET Framework 3.5/4.7.2 - KB5022511 (x64) (Superseded) ), ( Wed, 08 Mar 2023 18:50:40 -0500 ), 3010
A: 3250, DC, ( 502284003, Enterprise Security, MS23-FEB: Cumulative Update for Windows Server 2019 - Windows Server 2019 - KB5022840 (x64) (Superseded) ), ( Wed, 08 Mar 2023 19:02:44 -0500 ), 3010
A: 3251, BFC, ( 502284201, Enterprise Security, MS23-FEB: Cumulative Update for Microsoft server operating system version 21H2 - Windows Server 2022 - KB5022842 (x64) (Superseded) ), ( Wed, 08 Mar 2023 18:07:45 -0500 ), 3010
A: 3251, BFI, ( 502284201, Enterprise Security, MS23-FEB: Cumulative Update for Microsoft server operating system version 21H2 - Windows Server 2022 - KB5022842 (x64) (Superseded) ), ( Wed, 08 Mar 2023 18:04:09 -0500 ), 3010
A: 3685, WIN2022-TEST1, ( 502273501, Enterprise Security, MS23-FEB: Cumulative Update for .NET Framework 3.5 and 4.8 for Windows Server 2022 - Windows Server 2022 - .NET Framework 3.5/4.8 - KB5022507 (x64) (Superseded) ), ( Tue, 04 Apr 2023 09:17:54 -0500 ), 3010