Actually with some help from one my colleagues (Tom Kendrick) came to an answer:
SHORT answer: It is the expected output of NO DATA FOUND when there are no hits/logs and the right signatures/protections are enabled and used..
LONG explanation:
If you have the IPS protections available and applied to the profile, then you will get hits if the event is happening. Of course you could not know of any hits before that date. If, since that date you look at IPS logs and see no hits after filtering for the protection matching the cve, or the cve, then you're good. Because there are no logs of any type.
The pre-defined report created by my colleague Oren is a view filter looking for the CVE’s in the IPS blade:
blade:IPS and (("CVE-2021-26855") OR ("CVE-2021-26857") OR ("CVE-2021-26858") OR ("CVE-2021-27065"))
And then the file indicators are looking for evidence of the “family”:
(HAFNIUM.TC.*) OR (Trojan.Win32.Hafnium.TC.*)
So, if you put this into the log view, and see noting too, then you must be fine (assuming the protections are enabled).