@cyvest/cyvest-js 4.1.0 → 4.3.0

package/dist/index.d.mts

@@ -37,9 +37,7 @@ type CheckLinks = string[];
  */
 type PropagationMode = "LOCAL_ONLY" | "GLOBAL";
 type ObservableLinks = ObservableLink[];
-type Taxonomies = {
-    [k: string]: unknown;
-}[];
+type Taxonomies = Taxonomy[];
 type Checks1 = string[];
 /**
  * Root observable type used during data extraction.
@@ -82,7 +80,6 @@ interface CyvestInvestigation {
     event_log?: EventLog;
     observables: Observables;
     checks: Checks;
-    checks_by_level: ChecksByLevel;
     threat_intels: ThreatIntels1;
     enrichments: Enrichments;
     containers: Containers;
@@ -196,12 +193,6 @@ interface ObservableLink {
     observable_key: string;
     propagation_mode?: PropagationMode;
 }
-/**
- * Check keys organized by level name.
- */
-interface ChecksByLevel {
-    [k: string]: string[];
-}
 /**
  * Threat intelligence entries keyed by their unique key.
  */
@@ -229,6 +220,14 @@ interface ThreatIntel {
 interface Extra2 {
     [k: string]: unknown;
 }
+/**
+ * Represents a structured taxonomy entry for threat intelligence.
+ */
+interface Taxonomy {
+    level: Level;
+    name: string;
+    value: string;
+}
 /**
  * Enrichment entries keyed by their unique key.
  */
@@ -291,7 +290,7 @@ interface StatisticsSchema {
     total_checks: number;
     applied_checks: number;
     checks_by_scope?: ChecksByScope;
-    checks_by_level?: ChecksByLevel1;
+    checks_by_level?: ChecksByLevel;
     total_threat_intel: number;
     threat_intel_by_source?: ThreatIntelBySource;
     threat_intel_by_level?: ThreatIntelByLevel;
@@ -309,10 +308,10 @@ interface ObservablesByTypeAndLevel {
     };
 }
 interface ChecksByScope {
-    [k: string]: number;
+    [k: string]: string[];
 }
-interface ChecksByLevel1 {
-    [k: string]: number;
+interface ChecksByLevel {
+    [k: string]: string[];
 }
 interface ThreatIntelBySource {
     [k: string]: number;
@@ -1356,4 +1355,4 @@ declare function getRelationshipsForObservable(inv: CyvestInvestigation, observa
     }>;
 };
 
-export { type Actor, type AuditEvent, type Check, type CheckLinks, type Checks, type Checks1, type ChecksByLevel, type ChecksByLevel1, type ChecksByScope, type Container, type Containers, type CyvestInvestigation, type Data, type DataExtractionSchema, type Details, type Enrichment, type Enrichments, type EventLog, type Extra, type Extra1, type Extra2, type GraphEdge, type GraphNode, type InvestigationCounts, type InvestigationGraph, type InvestigationName, type InvestigationWhitelist, type Justification, type KeyType, LEVEL_COLORS, LEVEL_ORDER, LEVEL_VALUES, type Level, type ObjectKey, type ObjectType, type Observable, type ObservableLink, type ObservableLinks, type Observables, type ObservablesByLevel, type ObservablesByType, type ObservablesByTypeAndLevel, type PropagationMode, type Reason, type Relationship, type RelationshipDirection, type Relationships, type RootType, type ScoreMode, type StatisticsSchema, type SubContainers, type Taxonomies, type ThreatIntel, type ThreatIntelByLevel, type ThreatIntelBySource, type ThreatIntels, type ThreatIntels1, type Tool, type Whitelists, areConnected, compareLevels, countRelationshipsByType, findChecksAtLeast, findChecksByCheckId, findChecksByLevel, findChecksByScope, findContainersAtLeast, findContainersByLevel, findExternalObservables, findInternalObservables, findLeafObservables, findObservablesAtLeast, findObservablesByLevel, findObservablesByType, findObservablesByValue, findObservablesContaining, findObservablesMatching, findObservablesWithThreatIntel, findOrphanObservables, findPath, findRootObservables, findThreatIntelAtLeast, findThreatIntelByLevel, findThreatIntelBySource, findWhitelistedObservables, generateCheckKey, generateContainerKey, generateEnrichmentKey, generateObservableKey, generateThreatIntelKey, getAllChecks, getAllContainers, getAllEnrichments, getAllObservableTypes, getAllObservables, getAllRelationshipTypes, getAllScopes, getAllThreatIntelSources, getAllThreatIntels, getCheck, getCheckByIdScope, getChecksForContainer, getChecksForObservable, getColorForLevel, getColorForScore, getContainer, getContainerByPath, getCounts, getDataExtraction, getEnrichment, getEnrichmentByName, getEntityLevel, getHighestScoringChecks, getHighestScoringObservables, getLevelFromScore, getMaliciousChecks, getMaliciousObservables, getObservable, getObservableByTypeValue, getObservableChildren, getObservableGraph, getObservableParents, getObservablesForCheck, getReachableObservables, getRelatedObservables, getRelatedObservablesByDirection, getRelatedObservablesByType, getRelationshipsForObservable, getStats, getSuspiciousChecks, getSuspiciousObservables, getThreatIntel, getThreatIntelBySourceObservable, getThreatIntelsForObservable, getWhitelists, hasLevel, isCyvest, isLevelAtLeast, isLevelHigherThan, isLevelLowerThan, isValidLevel, maxLevel, minLevel, normalizeLevel, parseCheckKey, parseCyvest, parseKeyType, parseObservableKey, parseThreatIntelKey, sortChecksByLevel, sortChecksByScore, sortObservablesByLevel, sortObservablesByScore, validateKey };
+export { type Actor, type AuditEvent, type Check, type CheckLinks, type Checks, type Checks1, type ChecksByLevel, type ChecksByScope, type Container, type Containers, type CyvestInvestigation, type Data, type DataExtractionSchema, type Details, type Enrichment, type Enrichments, type EventLog, type Extra, type Extra1, type Extra2, type GraphEdge, type GraphNode, type InvestigationCounts, type InvestigationGraph, type InvestigationName, type InvestigationWhitelist, type Justification, type KeyType, LEVEL_COLORS, LEVEL_ORDER, LEVEL_VALUES, type Level, type ObjectKey, type ObjectType, type Observable, type ObservableLink, type ObservableLinks, type Observables, type ObservablesByLevel, type ObservablesByType, type ObservablesByTypeAndLevel, type PropagationMode, type Reason, type Relationship, type RelationshipDirection, type Relationships, type RootType, type ScoreMode, type StatisticsSchema, type SubContainers, type Taxonomies, type Taxonomy, type ThreatIntel, type ThreatIntelByLevel, type ThreatIntelBySource, type ThreatIntels, type ThreatIntels1, type Tool, type Whitelists, areConnected, compareLevels, countRelationshipsByType, findChecksAtLeast, findChecksByCheckId, findChecksByLevel, findChecksByScope, findContainersAtLeast, findContainersByLevel, findExternalObservables, findInternalObservables, findLeafObservables, findObservablesAtLeast, findObservablesByLevel, findObservablesByType, findObservablesByValue, findObservablesContaining, findObservablesMatching, findObservablesWithThreatIntel, findOrphanObservables, findPath, findRootObservables, findThreatIntelAtLeast, findThreatIntelByLevel, findThreatIntelBySource, findWhitelistedObservables, generateCheckKey, generateContainerKey, generateEnrichmentKey, generateObservableKey, generateThreatIntelKey, getAllChecks, getAllContainers, getAllEnrichments, getAllObservableTypes, getAllObservables, getAllRelationshipTypes, getAllScopes, getAllThreatIntelSources, getAllThreatIntels, getCheck, getCheckByIdScope, getChecksForContainer, getChecksForObservable, getColorForLevel, getColorForScore, getContainer, getContainerByPath, getCounts, getDataExtraction, getEnrichment, getEnrichmentByName, getEntityLevel, getHighestScoringChecks, getHighestScoringObservables, getLevelFromScore, getMaliciousChecks, getMaliciousObservables, getObservable, getObservableByTypeValue, getObservableChildren, getObservableGraph, getObservableParents, getObservablesForCheck, getReachableObservables, getRelatedObservables, getRelatedObservablesByDirection, getRelatedObservablesByType, getRelationshipsForObservable, getStats, getSuspiciousChecks, getSuspiciousObservables, getThreatIntel, getThreatIntelBySourceObservable, getThreatIntelsForObservable, getWhitelists, hasLevel, isCyvest, isLevelAtLeast, isLevelHigherThan, isLevelLowerThan, isValidLevel, maxLevel, minLevel, normalizeLevel, parseCheckKey, parseCyvest, parseKeyType, parseObservableKey, parseThreatIntelKey, sortChecksByLevel, sortChecksByScore, sortObservablesByLevel, sortObservablesByScore, validateKey };

package/dist/index.d.ts

@@ -37,9 +37,7 @@ type CheckLinks = string[];
  */
 type PropagationMode = "LOCAL_ONLY" | "GLOBAL";
 type ObservableLinks = ObservableLink[];
-type Taxonomies = {
-    [k: string]: unknown;
-}[];
+type Taxonomies = Taxonomy[];
 type Checks1 = string[];
 /**
  * Root observable type used during data extraction.
@@ -82,7 +80,6 @@ interface CyvestInvestigation {
     event_log?: EventLog;
     observables: Observables;
     checks: Checks;
-    checks_by_level: ChecksByLevel;
     threat_intels: ThreatIntels1;
     enrichments: Enrichments;
     containers: Containers;
@@ -196,12 +193,6 @@ interface ObservableLink {
     observable_key: string;
     propagation_mode?: PropagationMode;
 }
-/**
- * Check keys organized by level name.
- */
-interface ChecksByLevel {
-    [k: string]: string[];
-}
 /**
  * Threat intelligence entries keyed by their unique key.
  */
@@ -229,6 +220,14 @@ interface ThreatIntel {
 interface Extra2 {
     [k: string]: unknown;
 }
+/**
+ * Represents a structured taxonomy entry for threat intelligence.
+ */
+interface Taxonomy {
+    level: Level;
+    name: string;
+    value: string;
+}
 /**
  * Enrichment entries keyed by their unique key.
  */
@@ -291,7 +290,7 @@ interface StatisticsSchema {
     total_checks: number;
     applied_checks: number;
     checks_by_scope?: ChecksByScope;
-    checks_by_level?: ChecksByLevel1;
+    checks_by_level?: ChecksByLevel;
     total_threat_intel: number;
     threat_intel_by_source?: ThreatIntelBySource;
     threat_intel_by_level?: ThreatIntelByLevel;
@@ -309,10 +308,10 @@ interface ObservablesByTypeAndLevel {
     };
 }
 interface ChecksByScope {
-    [k: string]: number;
+    [k: string]: string[];
 }
-interface ChecksByLevel1 {
-    [k: string]: number;
+interface ChecksByLevel {
+    [k: string]: string[];
 }
 interface ThreatIntelBySource {
     [k: string]: number;
@@ -1356,4 +1355,4 @@ declare function getRelationshipsForObservable(inv: CyvestInvestigation, observa
     }>;
 };
 
-export { type Actor, type AuditEvent, type Check, type CheckLinks, type Checks, type Checks1, type ChecksByLevel, type ChecksByLevel1, type ChecksByScope, type Container, type Containers, type CyvestInvestigation, type Data, type DataExtractionSchema, type Details, type Enrichment, type Enrichments, type EventLog, type Extra, type Extra1, type Extra2, type GraphEdge, type GraphNode, type InvestigationCounts, type InvestigationGraph, type InvestigationName, type InvestigationWhitelist, type Justification, type KeyType, LEVEL_COLORS, LEVEL_ORDER, LEVEL_VALUES, type Level, type ObjectKey, type ObjectType, type Observable, type ObservableLink, type ObservableLinks, type Observables, type ObservablesByLevel, type ObservablesByType, type ObservablesByTypeAndLevel, type PropagationMode, type Reason, type Relationship, type RelationshipDirection, type Relationships, type RootType, type ScoreMode, type StatisticsSchema, type SubContainers, type Taxonomies, type ThreatIntel, type ThreatIntelByLevel, type ThreatIntelBySource, type ThreatIntels, type ThreatIntels1, type Tool, type Whitelists, areConnected, compareLevels, countRelationshipsByType, findChecksAtLeast, findChecksByCheckId, findChecksByLevel, findChecksByScope, findContainersAtLeast, findContainersByLevel, findExternalObservables, findInternalObservables, findLeafObservables, findObservablesAtLeast, findObservablesByLevel, findObservablesByType, findObservablesByValue, findObservablesContaining, findObservablesMatching, findObservablesWithThreatIntel, findOrphanObservables, findPath, findRootObservables, findThreatIntelAtLeast, findThreatIntelByLevel, findThreatIntelBySource, findWhitelistedObservables, generateCheckKey, generateContainerKey, generateEnrichmentKey, generateObservableKey, generateThreatIntelKey, getAllChecks, getAllContainers, getAllEnrichments, getAllObservableTypes, getAllObservables, getAllRelationshipTypes, getAllScopes, getAllThreatIntelSources, getAllThreatIntels, getCheck, getCheckByIdScope, getChecksForContainer, getChecksForObservable, getColorForLevel, getColorForScore, getContainer, getContainerByPath, getCounts, getDataExtraction, getEnrichment, getEnrichmentByName, getEntityLevel, getHighestScoringChecks, getHighestScoringObservables, getLevelFromScore, getMaliciousChecks, getMaliciousObservables, getObservable, getObservableByTypeValue, getObservableChildren, getObservableGraph, getObservableParents, getObservablesForCheck, getReachableObservables, getRelatedObservables, getRelatedObservablesByDirection, getRelatedObservablesByType, getRelationshipsForObservable, getStats, getSuspiciousChecks, getSuspiciousObservables, getThreatIntel, getThreatIntelBySourceObservable, getThreatIntelsForObservable, getWhitelists, hasLevel, isCyvest, isLevelAtLeast, isLevelHigherThan, isLevelLowerThan, isValidLevel, maxLevel, minLevel, normalizeLevel, parseCheckKey, parseCyvest, parseKeyType, parseObservableKey, parseThreatIntelKey, sortChecksByLevel, sortChecksByScore, sortObservablesByLevel, sortObservablesByScore, validateKey };
+export { type Actor, type AuditEvent, type Check, type CheckLinks, type Checks, type Checks1, type ChecksByLevel, type ChecksByScope, type Container, type Containers, type CyvestInvestigation, type Data, type DataExtractionSchema, type Details, type Enrichment, type Enrichments, type EventLog, type Extra, type Extra1, type Extra2, type GraphEdge, type GraphNode, type InvestigationCounts, type InvestigationGraph, type InvestigationName, type InvestigationWhitelist, type Justification, type KeyType, LEVEL_COLORS, LEVEL_ORDER, LEVEL_VALUES, type Level, type ObjectKey, type ObjectType, type Observable, type ObservableLink, type ObservableLinks, type Observables, type ObservablesByLevel, type ObservablesByType, type ObservablesByTypeAndLevel, type PropagationMode, type Reason, type Relationship, type RelationshipDirection, type Relationships, type RootType, type ScoreMode, type StatisticsSchema, type SubContainers, type Taxonomies, type Taxonomy, type ThreatIntel, type ThreatIntelByLevel, type ThreatIntelBySource, type ThreatIntels, type ThreatIntels1, type Tool, type Whitelists, areConnected, compareLevels, countRelationshipsByType, findChecksAtLeast, findChecksByCheckId, findChecksByLevel, findChecksByScope, findContainersAtLeast, findContainersByLevel, findExternalObservables, findInternalObservables, findLeafObservables, findObservablesAtLeast, findObservablesByLevel, findObservablesByType, findObservablesByValue, findObservablesContaining, findObservablesMatching, findObservablesWithThreatIntel, findOrphanObservables, findPath, findRootObservables, findThreatIntelAtLeast, findThreatIntelByLevel, findThreatIntelBySource, findWhitelistedObservables, generateCheckKey, generateContainerKey, generateEnrichmentKey, generateObservableKey, generateThreatIntelKey, getAllChecks, getAllContainers, getAllEnrichments, getAllObservableTypes, getAllObservables, getAllRelationshipTypes, getAllScopes, getAllThreatIntelSources, getAllThreatIntels, getCheck, getCheckByIdScope, getChecksForContainer, getChecksForObservable, getColorForLevel, getColorForScore, getContainer, getContainerByPath, getCounts, getDataExtraction, getEnrichment, getEnrichmentByName, getEntityLevel, getHighestScoringChecks, getHighestScoringObservables, getLevelFromScore, getMaliciousChecks, getMaliciousObservables, getObservable, getObservableByTypeValue, getObservableChildren, getObservableGraph, getObservableParents, getObservablesForCheck, getReachableObservables, getRelatedObservables, getRelatedObservablesByDirection, getRelatedObservablesByType, getRelationshipsForObservable, getStats, getSuspiciousChecks, getSuspiciousObservables, getThreatIntel, getThreatIntelBySourceObservable, getThreatIntelsForObservable, getWhitelists, hasLevel, isCyvest, isLevelAtLeast, isLevelHigherThan, isLevelLowerThan, isValidLevel, maxLevel, minLevel, normalizeLevel, parseCheckKey, parseCyvest, parseKeyType, parseObservableKey, parseThreatIntelKey, sortChecksByLevel, sortChecksByScore, sortObservablesByLevel, sortObservablesByScore, validateKey };

package/dist/index.js

@@ -676,16 +676,20 @@ var cyvest_schema_default = {
         },
         checks_by_scope: {
           additionalProperties: {
-            minimum: 0,
-            type: "integer"
+            items: {
+              type: "string"
+            },
+            type: "array"
           },
           title: "Checks By Scope",
           type: "object"
         },
         checks_by_level: {
           additionalProperties: {
-            minimum: 0,
-            type: "integer"
+            items: {
+              type: "string"
+            },
+            type: "array"
           },
           title: "Checks By Level",
           type: "object"
@@ -730,6 +734,30 @@ var cyvest_schema_default = {
       title: "StatisticsSchema",
       type: "object"
     },
+    Taxonomy: {
+      additionalProperties: false,
+      description: "Represents a structured taxonomy entry for threat intelligence.",
+      properties: {
+        level: {
+          $ref: "#/$defs/Level"
+        },
+        name: {
+          title: "Name",
+          type: "string"
+        },
+        value: {
+          title: "Value",
+          type: "string"
+        }
+      },
+      required: [
+        "level",
+        "name",
+        "value"
+      ],
+      title: "Taxonomy",
+      type: "object"
+    },
     ThreatIntel: {
       description: "Represents threat intelligence from an external source.\n\nThreat intelligence provides verdicts about observables from sources\nlike VirusTotal, URLScan.io, etc.",
       properties: {
@@ -759,8 +787,7 @@ var cyvest_schema_default = {
         },
         taxonomies: {
           items: {
-            additionalProperties: true,
-            type: "object"
+            $ref: "#/$defs/Taxonomy"
           },
           title: "Taxonomies",
           type: "array"
@@ -868,17 +895,6 @@ var cyvest_schema_default = {
       title: "Checks",
       type: "object"
     },
-    checks_by_level: {
-      additionalProperties: {
-        items: {
-          type: "string"
-        },
-        type: "array"
-      },
-      description: "Check keys organized by level name.",
-      title: "Checks By Level",
-      type: "object"
-    },
     threat_intels: {
       additionalProperties: {
         $ref: "#/$defs/ThreatIntel"
@@ -927,7 +943,6 @@ var cyvest_schema_default = {
     "whitelists",
     "observables",
     "checks",
-    "checks_by_level",
     "threat_intels",
     "enrichments",
     "containers",

package/dist/index.mjs

@@ -543,16 +543,20 @@ var cyvest_schema_default = {
         },
         checks_by_scope: {
           additionalProperties: {
-            minimum: 0,
-            type: "integer"
+            items: {
+              type: "string"
+            },
+            type: "array"
           },
           title: "Checks By Scope",
           type: "object"
         },
         checks_by_level: {
           additionalProperties: {
-            minimum: 0,
-            type: "integer"
+            items: {
+              type: "string"
+            },
+            type: "array"
           },
           title: "Checks By Level",
           type: "object"
@@ -597,6 +601,30 @@ var cyvest_schema_default = {
       title: "StatisticsSchema",
       type: "object"
     },
+    Taxonomy: {
+      additionalProperties: false,
+      description: "Represents a structured taxonomy entry for threat intelligence.",
+      properties: {
+        level: {
+          $ref: "#/$defs/Level"
+        },
+        name: {
+          title: "Name",
+          type: "string"
+        },
+        value: {
+          title: "Value",
+          type: "string"
+        }
+      },
+      required: [
+        "level",
+        "name",
+        "value"
+      ],
+      title: "Taxonomy",
+      type: "object"
+    },
     ThreatIntel: {
       description: "Represents threat intelligence from an external source.\n\nThreat intelligence provides verdicts about observables from sources\nlike VirusTotal, URLScan.io, etc.",
       properties: {
@@ -626,8 +654,7 @@ var cyvest_schema_default = {
         },
         taxonomies: {
           items: {
-            additionalProperties: true,
-            type: "object"
+            $ref: "#/$defs/Taxonomy"
           },
           title: "Taxonomies",
           type: "array"
@@ -735,17 +762,6 @@ var cyvest_schema_default = {
       title: "Checks",
       type: "object"
     },
-    checks_by_level: {
-      additionalProperties: {
-        items: {
-          type: "string"
-        },
-        type: "array"
-      },
-      description: "Check keys organized by level name.",
-      title: "Checks By Level",
-      type: "object"
-    },
     threat_intels: {
       additionalProperties: {
         $ref: "#/$defs/ThreatIntel"
@@ -794,7 +810,6 @@ var cyvest_schema_default = {
     "whitelists",
     "observables",
     "checks",
-    "checks_by_level",
     "threat_intels",
     "enrichments",
     "containers",

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@cyvest/cyvest-js",
-  "version": "4.1.0",
+  "version": "4.3.0",
   "main": "dist/index.cjs",
   "module": "dist/index.mjs",
   "types": "dist/index.d.ts",

package/src/types.generated.ts

@@ -39,9 +39,7 @@ export type CheckLinks = string[];
  */
 export type PropagationMode = "LOCAL_ONLY" | "GLOBAL";
 export type ObservableLinks = ObservableLink[];
-export type Taxonomies = {
-  [k: string]: unknown;
-}[];
+export type Taxonomies = Taxonomy[];
 export type Checks1 = string[];
 /**
  * Root observable type used during data extraction.
@@ -85,7 +83,6 @@ export interface CyvestInvestigation {
   event_log?: EventLog;
   observables: Observables;
   checks: Checks;
-  checks_by_level: ChecksByLevel;
   threat_intels: ThreatIntels1;
   enrichments: Enrichments;
   containers: Containers;
@@ -199,12 +196,6 @@ export interface ObservableLink {
   observable_key: string;
   propagation_mode?: PropagationMode;
 }
-/**
- * Check keys organized by level name.
- */
-export interface ChecksByLevel {
-  [k: string]: string[];
-}
 /**
  * Threat intelligence entries keyed by their unique key.
  */
@@ -232,6 +223,14 @@ export interface ThreatIntel {
 export interface Extra2 {
   [k: string]: unknown;
 }
+/**
+ * Represents a structured taxonomy entry for threat intelligence.
+ */
+export interface Taxonomy {
+  level: Level;
+  name: string;
+  value: string;
+}
 /**
  * Enrichment entries keyed by their unique key.
  */
@@ -294,7 +293,7 @@ export interface StatisticsSchema {
   total_checks: number;
   applied_checks: number;
   checks_by_scope?: ChecksByScope;
-  checks_by_level?: ChecksByLevel1;
+  checks_by_level?: ChecksByLevel;
   total_threat_intel: number;
   threat_intel_by_source?: ThreatIntelBySource;
   threat_intel_by_level?: ThreatIntelByLevel;
@@ -312,10 +311,10 @@ export interface ObservablesByTypeAndLevel {
   };
 }
 export interface ChecksByScope {
-  [k: string]: number;
+  [k: string]: string[];
 }
-export interface ChecksByLevel1 {
-  [k: string]: number;
+export interface ChecksByLevel {
+  [k: string]: string[];
 }
 export interface ThreatIntelBySource {
   [k: string]: number;

package/tests/getters-finders.test.ts

@@ -176,10 +176,6 @@ function createTestInvestigation(): CyvestInvestigation {
         },
       ],
     },
-    checks_by_level: {
-      INFO: ["chk:ip_check:network", "chk:dns_lookup:dns"],
-      MALICIOUS: ["chk:domain_check:dns"],
-    },
     threat_intels: {
       "ti:virustotal:obs:domain-name:example.com": {
         key: "ti:virustotal:obs:domain-name:example.com",
@@ -190,7 +186,7 @@ function createTestInvestigation(): CyvestInvestigation {
         score: 5,
         score_display: "5.00",
         level: "MALICIOUS",
-        taxonomies: [{ verdict: "malicious" }],
+        taxonomies: [{ level: "MALICIOUS", name: "verdict", value: "malicious" }],
       },
     },
     enrichments: {
@@ -232,8 +228,8 @@ function createTestInvestigation(): CyvestInvestigation {
       observables_by_type_and_level: {},
       total_checks: 3,
       applied_checks: 2,
-      checks_by_scope: { network: 1, dns: 2 },
-      checks_by_level: { INFO: 2, MALICIOUS: 1 },
+      checks_by_scope: { network: ["chk:ip_check:network"], dns: ["chk:domain_check:dns", "chk:dns_lookup:dns"] },
+      checks_by_level: { INFO: ["chk:ip_check:network", "chk:dns_lookup:dns"], MALICIOUS: ["chk:domain_check:dns"] },
       total_threat_intel: 1,
       threat_intel_by_source: { virustotal: 1 },
       threat_intel_by_level: { MALICIOUS: 1 },

package/tests/graph.test.ts

@@ -123,7 +123,6 @@ function createGraphTestInvestigation(): CyvestInvestigation {
       },
     },
     checks: {},
-    checks_by_level: {},
     threat_intels: {},
     enrichments: {},
     containers: {},