@x12i/memorix-retrieval 1.29.0 → 1.31.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (81) hide show
  1. package/catalox-seeds/inputs/entity-descriptors/assets.json +142 -34
  2. package/catalox-seeds/inputs/entity-descriptors/subnets.json +104 -11
  3. package/catalox-seeds/inputs/entity-descriptors/vulnerabilities-groups.json +9 -3
  4. package/catalox-seeds/inputs/entity-descriptors/vulnerabilities.json +121 -6
  5. package/catalox-seeds/inputs/item-descriptors/asset-detail-item.json +0 -1
  6. package/catalox-seeds/inputs/item-descriptors/vulnerability-detail-item.json +1 -0
  7. package/catalox-seeds/inputs/list-descriptors/assets-main-list.json +0 -2
  8. package/catalox-seeds/inputs/list-descriptors/vulnerabilities-main-list.json +2 -0
  9. package/catalox-seeds/memorix-retrieval-descriptors.manifest.json +628 -47
  10. package/dist/analysis/analyze-vulnerability-coverage.d.ts +101 -0
  11. package/dist/analysis/analyze-vulnerability-coverage.d.ts.map +1 -0
  12. package/dist/analysis/analyze-vulnerability-coverage.js +150 -0
  13. package/dist/analysis/analyze-vulnerability-coverage.js.map +1 -0
  14. package/dist/analysis/count-assets-with-vulnerabilities.d.ts +89 -0
  15. package/dist/analysis/count-assets-with-vulnerabilities.d.ts.map +1 -0
  16. package/dist/analysis/count-assets-with-vulnerabilities.js +143 -0
  17. package/dist/analysis/count-assets-with-vulnerabilities.js.map +1 -0
  18. package/dist/analysis/derive-subnet-ip.d.ts +18 -0
  19. package/dist/analysis/derive-subnet-ip.d.ts.map +1 -0
  20. package/dist/analysis/derive-subnet-ip.js +32 -0
  21. package/dist/analysis/derive-subnet-ip.js.map +1 -0
  22. package/dist/descriptors/content-type-labels.d.ts.map +1 -1
  23. package/dist/descriptors/content-type-labels.js +4 -5
  24. package/dist/descriptors/content-type-labels.js.map +1 -1
  25. package/dist/descriptors/descriptor-types.d.ts +48 -0
  26. package/dist/descriptors/descriptor-types.d.ts.map +1 -1
  27. package/dist/explorer/collection-inventory.d.ts.map +1 -1
  28. package/dist/explorer/collection-inventory.js +11 -12
  29. package/dist/explorer/collection-inventory.js.map +1 -1
  30. package/dist/explorer/discover-inventory-object-types.d.ts +23 -0
  31. package/dist/explorer/discover-inventory-object-types.d.ts.map +1 -0
  32. package/dist/explorer/discover-inventory-object-types.js +79 -0
  33. package/dist/explorer/discover-inventory-object-types.js.map +1 -0
  34. package/dist/explorer/reconciled-catalog.d.ts +2 -0
  35. package/dist/explorer/reconciled-catalog.d.ts.map +1 -1
  36. package/dist/explorer/reconciled-catalog.js +121 -20
  37. package/dist/explorer/reconciled-catalog.js.map +1 -1
  38. package/dist/explorer/unified-inventory.d.ts +5 -1
  39. package/dist/explorer/unified-inventory.d.ts.map +1 -1
  40. package/dist/explorer/unified-inventory.js +31 -3
  41. package/dist/explorer/unified-inventory.js.map +1 -1
  42. package/dist/index.d.ts +2 -1
  43. package/dist/index.d.ts.map +1 -1
  44. package/dist/index.js +2 -1
  45. package/dist/index.js.map +1 -1
  46. package/dist/mongo/env.d.ts +1 -0
  47. package/dist/mongo/env.d.ts.map +1 -1
  48. package/dist/mongo/env.js +9 -1
  49. package/dist/mongo/env.js.map +1 -1
  50. package/dist/retrieval/fetch-narratives.d.ts +5 -0
  51. package/dist/retrieval/fetch-narratives.d.ts.map +1 -1
  52. package/dist/retrieval/fetch-narratives.js +99 -9
  53. package/dist/retrieval/fetch-narratives.js.map +1 -1
  54. package/dist/tests/analyze-vulnerability-coverage.test.d.ts +2 -0
  55. package/dist/tests/analyze-vulnerability-coverage.test.d.ts.map +1 -0
  56. package/dist/tests/analyze-vulnerability-coverage.test.js +66 -0
  57. package/dist/tests/analyze-vulnerability-coverage.test.js.map +1 -0
  58. package/dist/tests/count-assets-with-vulnerabilities.test.d.ts +2 -0
  59. package/dist/tests/count-assets-with-vulnerabilities.test.d.ts.map +1 -0
  60. package/dist/tests/count-assets-with-vulnerabilities.test.js +95 -0
  61. package/dist/tests/count-assets-with-vulnerabilities.test.js.map +1 -0
  62. package/dist/tests/derive-subnet-ip.test.d.ts +2 -0
  63. package/dist/tests/derive-subnet-ip.test.d.ts.map +1 -0
  64. package/dist/tests/derive-subnet-ip.test.js +17 -0
  65. package/dist/tests/derive-subnet-ip.test.js.map +1 -0
  66. package/dist/tests/discover-inventory-object-types.test.d.ts +2 -0
  67. package/dist/tests/discover-inventory-object-types.test.d.ts.map +1 -0
  68. package/dist/tests/discover-inventory-object-types.test.js +48 -0
  69. package/dist/tests/discover-inventory-object-types.test.js.map +1 -0
  70. package/dist/tests/entity-graph.test.js +16 -2
  71. package/dist/tests/entity-graph.test.js.map +1 -1
  72. package/dist/tests/env.test.js +1 -1
  73. package/dist/tests/env.test.js.map +1 -1
  74. package/dist/tests/fetch-narratives.test.js +192 -6
  75. package/dist/tests/fetch-narratives.test.js.map +1 -1
  76. package/dist/tests/fixtures.d.ts.map +1 -1
  77. package/dist/tests/fixtures.js +6 -0
  78. package/dist/tests/fixtures.js.map +1 -1
  79. package/dist/tests/reconciled-catalog.test.js +76 -0
  80. package/dist/tests/reconciled-catalog.test.js.map +1 -1
  81. package/package.json +2 -2
@@ -35,6 +35,12 @@
35
35
  "snapshot.capturedAt",
36
36
  "data.lastSeen"
37
37
  ]
38
+ },
39
+ "scoped": {
40
+ "postfix": "scoped",
41
+ "collection": "assets-scoped",
42
+ "dataRoot": "data",
43
+ "isCanonical": false
38
44
  }
39
45
  },
40
46
  "properties": {
@@ -42,7 +48,7 @@
42
48
  "label": "IP Address",
43
49
  "source": {
44
50
  "contentType": "snapshots",
45
- "path": "data.ip_address"
51
+ "path": "data.assetIp"
46
52
  },
47
53
  "humanReadable": true,
48
54
  "sortable": true,
@@ -51,31 +57,31 @@
51
57
  "item": true,
52
58
  "valueType": "string"
53
59
  },
54
- "subnetIp": {
55
- "label": "Subnet IP",
60
+ "subnetCidrs": {
61
+ "label": "Subnet CIDRs",
56
62
  "source": {
57
63
  "contentType": "snapshots",
58
- "path": "data.subnetIp"
64
+ "path": "data.subnetCidrs"
59
65
  },
60
66
  "humanReadable": true,
61
- "sortable": true,
67
+ "sortable": false,
62
68
  "filterable": true,
63
- "list": true,
69
+ "list": false,
64
70
  "item": true,
65
- "valueType": "string"
71
+ "valueType": "array"
66
72
  },
67
- "subnetCidr": {
68
- "label": "Subnet CIDR",
73
+ "subnets": {
74
+ "label": "Resolved Subnets",
69
75
  "source": {
70
76
  "contentType": "snapshots",
71
- "path": "data.subnetCidr"
77
+ "path": "data.subnets"
72
78
  },
73
- "humanReadable": true,
74
- "sortable": true,
75
- "filterable": true,
79
+ "humanReadable": false,
80
+ "sortable": false,
81
+ "filterable": false,
76
82
  "list": false,
77
83
  "item": true,
78
- "valueType": "string"
84
+ "valueType": "array"
79
85
  },
80
86
  "source": {
81
87
  "label": "Source",
@@ -155,19 +161,6 @@
155
161
  "item": true,
156
162
  "valueType": "datetime"
157
163
  },
158
- "hasVulnerabilities": {
159
- "label": "Has Vulnerabilities",
160
- "source": {
161
- "contentType": "snapshots",
162
- "path": "data.hasVulnerabilities"
163
- },
164
- "humanReadable": true,
165
- "sortable": true,
166
- "filterable": true,
167
- "list": true,
168
- "item": true,
169
- "valueType": "boolean"
170
- },
171
164
  "criticalVulnerabilities": {
172
165
  "label": "Critical Vulnerabilities",
173
166
  "source": {
@@ -294,24 +287,137 @@
294
287
  "valueShape": "array<object>",
295
288
  "linkedObjectType": "subnets",
296
289
  "linkedContentType": "snapshots",
297
- "description": "Subnet snapshot payloads copied from subnets-snapshots.data when asset data.subnetCidrs matches subnet data.cidr.",
290
+ "description": "Subnet snapshot payloads copied from subnets-snapshots.data when asset data.subnetCidrs matches subnet data.cidr. Each item includes linked recordId.",
298
291
  "managed": true,
299
292
  "refreshRuleKey": "assets.subnets.snapshots.by-cidr",
300
293
  "sourceCollection": "subnets-snapshots"
301
294
  },
302
295
  {
303
- "name": "associatedInferred",
296
+ "name": "associatedDiscovery",
297
+ "contentType": "snapshots",
298
+ "kind": "associated",
299
+ "valueShape": "array<object>",
300
+ "linkedObjectType": "subnets",
301
+ "linkedContentType": "discovery",
302
+ "description": "Subnet discovery payloads copied from subnets-discovery.data when asset data.subnetCidrs matches subnet data.cidr.",
303
+ "managed": true,
304
+ "refreshRuleKey": "assets.subnets.discovery.by-cidr",
305
+ "sourceCollection": "subnets-discovery"
306
+ },
307
+ {
308
+ "name": "associatedSiblings",
309
+ "contentType": "snapshots",
310
+ "kind": "associated",
311
+ "valueShape": "array<object>",
312
+ "linkedObjectType": "assets",
313
+ "linkedContentType": "snapshots",
314
+ "description": "Root-level self-association: other asset snapshot data payloads sharing a data.subnetCidr value. Each item includes linked recordId. Capped at 99 items.",
315
+ "managed": true,
316
+ "refreshRuleKey": "assets.assets.snapshots.by-cidr",
317
+ "sourceCollection": "assets-snapshots"
318
+ },
319
+ {
320
+ "name": "associatedTopology",
321
+ "contentType": "snapshots",
322
+ "kind": "associated",
323
+ "valueShape": "array<object>",
324
+ "linkedObjectType": "subnets",
325
+ "linkedContentType": "snapshots",
326
+ "description": "Normalized subnet topology objects derived from associatedData and canonical subnet lookup. Each item includes kind, source, cidr, zone, vr, and exposure/reachability fields. subnetId is omitted.",
327
+ "managed": true,
328
+ "refreshRuleKey": "assets.associated-topology.by-associated-data",
329
+ "sourceCollection": "subnets-snapshots"
330
+ },
331
+ {
332
+ "name": "associatedSubnets",
304
333
  "contentType": "snapshots",
305
334
  "kind": "associated",
306
335
  "valueShape": "array<object>",
307
336
  "linkedObjectType": "subnets",
308
- "linkedContentType": "inferences",
309
- "description": "Subnet discovery payloads copied from subnets-inferences.data when asset data.subnetCidrs matches subnet data.cidr.",
337
+ "linkedContentType": "snapshots",
338
+ "description": "Explicit subnet snapshot payloads copied from subnets-snapshots.data when asset data.subnetCidrs matches subnet data.cidr.",
310
339
  "managed": true,
311
- "refreshRuleKey": "assets.subnets.inferences.by-cidr",
312
- "sourceCollection": "subnets-inferences"
340
+ "refreshRuleKey": "assets.subnets.snapshots.explicit.by-cidr",
341
+ "sourceCollection": "subnets-snapshots"
342
+ },
343
+ {
344
+ "name": "associatedSubnetsDiscovery",
345
+ "contentType": "snapshots",
346
+ "kind": "associated",
347
+ "valueShape": "array<object>",
348
+ "linkedObjectType": "subnets",
349
+ "linkedContentType": "discovery",
350
+ "description": "Explicit subnet discovery payloads copied from subnets-discovery when asset data.subnetCidrs matches subnet CIDR.",
351
+ "managed": true,
352
+ "refreshRuleKey": "assets.subnets.discovery.explicit.by-cidr",
353
+ "sourceCollection": "subnets-discovery"
354
+ },
355
+ {
356
+ "name": "associatedSubnetsAnalysis",
357
+ "contentType": "snapshots",
358
+ "kind": "associated",
359
+ "valueShape": "array<object>",
360
+ "linkedObjectType": "subnets",
361
+ "linkedContentType": "analysis",
362
+ "description": "Explicit subnet analysis payloads copied from subnets-analysis when asset data.subnetCidrs matches subnet CIDR.",
363
+ "managed": true,
364
+ "refreshRuleKey": "assets.subnets.analysis.explicit.by-cidr",
365
+ "sourceCollection": "subnets-analysis"
313
366
  }
314
367
  ],
368
+ "processing": {
369
+ "entityRoutes": [
370
+ {
371
+ "routeKey": "subnets-to-assets",
372
+ "parentObjectType": "subnets",
373
+ "childObjectType": "assets",
374
+ "relationshipName": "assetSubnet",
375
+ "direction": "parentToChild",
376
+ "source": {
377
+ "contentType": "snapshots",
378
+ "path": "data.subnetCidrs"
379
+ },
380
+ "target": {
381
+ "contentType": "snapshots",
382
+ "path": "data.cidr"
383
+ }
384
+ }
385
+ ],
386
+ "resolvers": [
387
+ {
388
+ "processorId": "assets.subnet-cidr",
389
+ "resolverType": "subnet-cidr",
390
+ "kind": "function",
391
+ "config": {
392
+ "mode": "resolve",
393
+ "assetIpPaths": ["data.assetIps", "data.assetIp"],
394
+ "canonicalCollection": {
395
+ "db": "neo-memorix-entities",
396
+ "collection": "subnets-snapshots"
397
+ }
398
+ }
399
+ }
400
+ ],
401
+ "associatedContent": {
402
+ "rollParentSnapshots": true,
403
+ "excludePostfixes": ["raw"]
404
+ }
405
+ },
406
+ "narratives": {
407
+ "has-vulnerabilities": {
408
+ "label": "Has vulnerabilities",
409
+ "kind": "having-signal",
410
+ "sourceRef": "assetVulnerabilities",
411
+ "targetEntity": "vulnerabilities"
412
+ },
413
+ "has-medium-vulnerabilities": {
414
+ "kind": "association-common-property",
415
+ "sourceRef": "assetVulnerabilities",
416
+ "targetEntity": "vulnerabilities",
417
+ "property": "severity",
418
+ "value": "medium"
419
+ }
420
+ },
315
421
  "relations": {
316
422
  "assetSubnet": {
317
423
  "targetEntity": "subnets",
@@ -328,7 +434,9 @@
328
434
  "defaultArrayProperty": "associatedData",
329
435
  "targetFields": [
330
436
  "cidr",
331
- "subnetIp",
437
+ "networkAddress",
438
+ "prefixLength",
439
+ "mask",
332
440
  "zone",
333
441
  "vr"
334
442
  ]
@@ -29,14 +29,9 @@
29
29
  "collection": "subnets-snapshots",
30
30
  "isCanonical": true
31
31
  },
32
- "core": {
33
- "postfix": "core",
34
- "collection": "subnets-core",
35
- "isCanonical": false
36
- },
37
- "inferences": {
38
- "postfix": "inferences",
39
- "collection": "subnets-inferences",
32
+ "discovery": {
33
+ "postfix": "discovery",
34
+ "collection": "subnets-discovery",
40
35
  "isCanonical": false
41
36
  },
42
37
  "scoped": {
@@ -50,6 +45,18 @@
50
45
  "isCanonical": false
51
46
  }
52
47
  },
48
+ "rootProperties": {
49
+ "possiblePaths": {
50
+ "label": "Possible Paths",
51
+ "source": {
52
+ "contentType": "snapshots",
53
+ "path": "possiblePaths"
54
+ },
55
+ "valueShape": "object",
56
+ "description": "Subnet-specific topology path facts stored at the snapshot root.",
57
+ "managed": true
58
+ }
59
+ },
53
60
  "properties": {
54
61
  "recordId": {
55
62
  "label": "Record ID",
@@ -77,11 +84,11 @@
77
84
  "item": true,
78
85
  "valueType": "string"
79
86
  },
80
- "subnetIp": {
81
- "label": "Subnet network address",
87
+ "networkAddress": {
88
+ "label": "Network Address",
82
89
  "source": {
83
90
  "contentType": "snapshots",
84
- "path": "data.subnetIp"
91
+ "path": "data.networkAddress"
85
92
  },
86
93
  "humanReadable": true,
87
94
  "sortable": true,
@@ -90,6 +97,32 @@
90
97
  "item": true,
91
98
  "valueType": "string"
92
99
  },
100
+ "prefixLength": {
101
+ "label": "Prefix Length",
102
+ "source": {
103
+ "contentType": "snapshots",
104
+ "path": "data.prefixLength"
105
+ },
106
+ "humanReadable": true,
107
+ "sortable": true,
108
+ "filterable": true,
109
+ "list": false,
110
+ "item": true,
111
+ "valueType": "number"
112
+ },
113
+ "mask": {
114
+ "label": "Subnet Mask",
115
+ "source": {
116
+ "contentType": "snapshots",
117
+ "path": "data.mask"
118
+ },
119
+ "humanReadable": true,
120
+ "sortable": true,
121
+ "filterable": true,
122
+ "list": false,
123
+ "item": true,
124
+ "valueType": "string"
125
+ },
93
126
  "zone": {
94
127
  "label": "Zone",
95
128
  "source": {
@@ -260,5 +293,65 @@
260
293
  "valueType": "string"
261
294
  }
262
295
  },
296
+ "associatedProperties": [
297
+ {
298
+ "name": "associatedChildren",
299
+ "contentType": "snapshots",
300
+ "kind": "associated",
301
+ "valueShape": "array<object>",
302
+ "linkedObjectType": "assets",
303
+ "linkedContentType": "snapshots",
304
+ "description": "Asset snapshot data payloads whose data.subnetCidrs contains this subnet data.cidr. Each item includes linked recordId. Capped at 99 items.",
305
+ "managed": true,
306
+ "refreshRuleKey": "subnets.assets.snapshots.by-cidr",
307
+ "sourceCollection": "assets-snapshots"
308
+ }
309
+ ],
310
+ "processing": {
311
+ "entityRoutes": [
312
+ {
313
+ "routeKey": "zones-to-subnets",
314
+ "parentObjectType": "topology-zones",
315
+ "childObjectType": "subnets",
316
+ "relationshipName": "subnetZone",
317
+ "direction": "parentToChild",
318
+ "source": {
319
+ "contentType": "snapshots",
320
+ "path": "data.zone"
321
+ },
322
+ "target": {
323
+ "contentType": "snapshots",
324
+ "path": "data.name"
325
+ }
326
+ }
327
+ ],
328
+ "insightStages": [
329
+ {
330
+ "processorId": "network.cidr-topology-path-resolver",
331
+ "kind": "function",
332
+ "inputKind": "cidr",
333
+ "outputKind": "cidr-path-facts",
334
+ "writeToInsights": false,
335
+ "sources": {
336
+ "topologyDb": "memorix-knowledge",
337
+ "topologyCollection": "topology-raw"
338
+ }
339
+ },
340
+ {
341
+ "processorId": "network.cidr-zone-path-insights",
342
+ "kind": "function",
343
+ "inputKind": "cidr-path-facts",
344
+ "outputKind": "insights",
345
+ "writeToInsights": true,
346
+ "sources": {
347
+ "zonesCollection": "topology-zones-snapshots"
348
+ }
349
+ }
350
+ ],
351
+ "associatedContent": {
352
+ "rollParentSnapshots": true,
353
+ "excludePostfixes": ["raw"]
354
+ }
355
+ },
263
356
  "relations": {}
264
357
  }
@@ -30,9 +30,9 @@
30
30
  "dataRoot": "data",
31
31
  "isCanonical": true
32
32
  },
33
- "inferences": {
34
- "postfix": "inferences",
35
- "collection": "vulnerabilities-groups-inferences",
33
+ "discovery": {
34
+ "postfix": "discovery",
35
+ "collection": "vulnerabilities-groups-discovery",
36
36
  "dataRoot": "data",
37
37
  "isCanonical": false
38
38
  },
@@ -111,6 +111,12 @@
111
111
  }
112
112
  },
113
113
  "associatedProperties": [],
114
+ "processing": {
115
+ "associatedContent": {
116
+ "rollParentSnapshots": false,
117
+ "excludePostfixes": ["raw"]
118
+ }
119
+ },
114
120
  "relations": {
115
121
  "groupVulnerabilities": {
116
122
  "targetEntity": "vulnerabilities",
@@ -64,6 +64,19 @@
64
64
  "item": true,
65
65
  "valueType": "string"
66
66
  },
67
+ "subnetIp": {
68
+ "label": "Subnet IP",
69
+ "source": {
70
+ "contentType": "snapshots",
71
+ "path": "data.subnetIp"
72
+ },
73
+ "humanReadable": true,
74
+ "sortable": true,
75
+ "filterable": true,
76
+ "list": true,
77
+ "item": true,
78
+ "valueType": "string"
79
+ },
67
80
  "assetType": {
68
81
  "label": "Asset Type",
69
82
  "source": {
@@ -378,16 +391,16 @@
378
391
  "sourceCollection": "vulnerabilities-groups-snapshots"
379
392
  },
380
393
  {
381
- "name": "associatedInferred",
394
+ "name": "associatedDiscovery",
382
395
  "contentType": "snapshots",
383
396
  "kind": "associated",
384
397
  "valueShape": "array<object>",
385
398
  "linkedObjectType": "vulnerabilities-groups",
386
- "linkedContentType": "inferences",
387
- "description": "Vulnerability group discovery payloads copied from vulnerabilities-groups-inferences.data via group name bridge.",
399
+ "linkedContentType": "discovery",
400
+ "description": "Vulnerability group discovery payloads copied from vulnerabilities-groups-discovery.data via group name bridge.",
388
401
  "managed": true,
389
- "refreshRuleKey": "vulnerabilities.vulnerability-groups.inferences.by-name",
390
- "sourceCollection": "vulnerabilities-groups-inferences"
402
+ "refreshRuleKey": "vulnerabilities.vulnerability-groups.discovery.by-name",
403
+ "sourceCollection": "vulnerabilities-groups-discovery"
391
404
  },
392
405
  {
393
406
  "name": "associatedAnalysis",
@@ -408,12 +421,114 @@
408
421
  "valueShape": "array<object>",
409
422
  "linkedObjectType": "assets",
410
423
  "linkedContentType": "snapshots",
411
- "description": "Optional asset snapshot payloads copied from assets-snapshots.data when data.assetIp matches asset data.assetIps.",
424
+ "description": "Optional asset snapshot payloads copied from assets-snapshots.data when data.assetIp exactly matches asset data.assetIps, data.assetIp, or legacy data.ip_address. At most one item per vulnerability.",
412
425
  "managed": true,
413
426
  "refreshRuleKey": "vulnerabilities.assets.snapshots.by-assetIp",
414
427
  "sourceCollection": "assets-snapshots"
428
+ },
429
+ {
430
+ "name": "associatedTopology",
431
+ "contentType": "snapshots",
432
+ "kind": "associated",
433
+ "valueShape": "array<object>",
434
+ "linkedObjectType": "subnets",
435
+ "linkedContentType": "snapshots",
436
+ "description": "Normalized subnet topology objects from associatedData roll-down and canonical subnet lookup by data.assetIp. May contain both associatedData and subnetLookup sources for the same CIDR.",
437
+ "managed": true,
438
+ "refreshRuleKey": "vulnerabilities.associated-topology.by-associated-data-and-subnet-lookup",
439
+ "sourceCollection": "subnets-snapshots"
440
+ },
441
+ {
442
+ "name": "associatedVulnerabilityGroup",
443
+ "contentType": "snapshots",
444
+ "kind": "associated",
445
+ "valueShape": "array<object>",
446
+ "linkedObjectType": "vulnerabilities-groups",
447
+ "linkedContentType": "snapshots",
448
+ "description": "Explicit vulnerability group snapshot payloads copied from vulnerabilities-groups-snapshots.data when data.vulnerabilityName matches group data.name.",
449
+ "managed": true,
450
+ "refreshRuleKey": "vulnerabilities.vulnerability-groups.snapshots.explicit.by-name",
451
+ "sourceCollection": "vulnerabilities-groups-snapshots"
452
+ },
453
+ {
454
+ "name": "associatedVulnerabilityGroupDiscovery",
455
+ "contentType": "snapshots",
456
+ "kind": "associated",
457
+ "valueShape": "array<object>",
458
+ "linkedObjectType": "vulnerabilities-groups",
459
+ "linkedContentType": "discovery",
460
+ "description": "Explicit vulnerability group discovery payloads copied from vulnerabilities-groups-discovery via group name bridge.",
461
+ "managed": true,
462
+ "refreshRuleKey": "vulnerabilities.vulnerability-groups.discovery.explicit.by-name",
463
+ "sourceCollection": "vulnerabilities-groups-discovery"
464
+ },
465
+ {
466
+ "name": "associatedVulnerabilityGroupAnalysis",
467
+ "contentType": "snapshots",
468
+ "kind": "associated",
469
+ "valueShape": "array<object>",
470
+ "linkedObjectType": "vulnerabilities-groups",
471
+ "linkedContentType": "analysis",
472
+ "description": "Explicit vulnerability group analysis payloads copied from vulnerabilities-groups-analysis via group name bridge.",
473
+ "managed": true,
474
+ "refreshRuleKey": "vulnerabilities.vulnerability-groups.analysis.explicit.by-name",
475
+ "sourceCollection": "vulnerabilities-groups-analysis"
415
476
  }
416
477
  ],
478
+ "processing": {
479
+ "entityRoutes": [
480
+ {
481
+ "routeKey": "groups-to-vulnerabilities",
482
+ "parentObjectType": "vulnerabilities-groups",
483
+ "childObjectType": "vulnerabilities",
484
+ "relationshipName": "vulnerabilityGroup",
485
+ "direction": "parentToChild",
486
+ "source": {
487
+ "contentType": "snapshots",
488
+ "path": "data.vulnerabilityName"
489
+ },
490
+ "target": {
491
+ "contentType": "snapshots",
492
+ "path": "data.name"
493
+ },
494
+ "prerequisites": [
495
+ {
496
+ "parentObjectType": "vulnerabilities-groups",
497
+ "parentContentPostfix": "analysis",
498
+ "lifecycleProcess": "entity-insights-processed",
499
+ "onMissing": "defer"
500
+ }
501
+ ]
502
+ },
503
+ {
504
+ "routeKey": "assets-to-vulnerabilities",
505
+ "parentObjectType": "assets",
506
+ "childObjectType": "vulnerabilities",
507
+ "relationshipName": "affectedAsset",
508
+ "direction": "parentToChild",
509
+ "source": {
510
+ "contentType": "snapshots",
511
+ "path": "data.assetIp"
512
+ },
513
+ "target": {
514
+ "contentType": "snapshots",
515
+ "path": "data.assetIps"
516
+ }
517
+ }
518
+ ],
519
+ "associatedContent": {
520
+ "rollParentSnapshots": true,
521
+ "excludePostfixes": ["raw"]
522
+ }
523
+ },
524
+ "narratives": {
525
+ "has-assets": {
526
+ "label": "Has assets",
527
+ "kind": "having-signal",
528
+ "sourceRef": "affectedAsset",
529
+ "targetEntity": "assets"
530
+ }
531
+ },
417
532
  "relations": {
418
533
  "affectedAsset": {
419
534
  "targetEntity": "assets",
@@ -41,7 +41,6 @@
41
41
  "id": "vulnerabilitySummary",
42
42
  "title": "Vulnerability Summary",
43
43
  "fields": [
44
- "hasVulnerabilities",
45
44
  "criticalVulnerabilities",
46
45
  "highVulnerabilities",
47
46
  "mediumVulnerabilities",
@@ -37,6 +37,7 @@
37
37
  "title": "Affected Asset",
38
38
  "fields": [
39
39
  "assetIp",
40
+ "subnetIp",
40
41
  "assetType",
41
42
  "assetZone",
42
43
  "assetHostname",
@@ -18,7 +18,6 @@
18
18
  "agentType",
19
19
  "xdrOperationalStatus",
20
20
  "xdrAgentStatus",
21
- "hasVulnerabilities",
22
21
  "criticalVulnerabilities",
23
22
  "highVulnerabilities",
24
23
  "potentialImpactLevel",
@@ -35,7 +34,6 @@
35
34
  "agentType",
36
35
  "xdrOperationalStatus",
37
36
  "xdrAgentStatus",
38
- "hasVulnerabilities",
39
37
  "criticalVulnerabilities",
40
38
  "highVulnerabilities",
41
39
  "potentialImpactLevel",
@@ -12,6 +12,7 @@
12
12
  "fields": [
13
13
  "vulnerabilityId",
14
14
  "assetIp",
15
+ "subnetIp",
15
16
  "pluginName",
16
17
  "pluginFamily",
17
18
  "severity",
@@ -28,6 +29,7 @@
28
29
  "allowedSorts": [
29
30
  "vulnerabilityId",
30
31
  "assetIp",
32
+ "subnetIp",
31
33
  "pluginName",
32
34
  "pluginFamily",
33
35
  "severity",