@x12i/memorix-retrieval 1.30.0 → 1.31.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (51) hide show
  1. package/catalox-seeds/inputs/entity-descriptors/assets.json +106 -18
  2. package/catalox-seeds/inputs/entity-descriptors/subnets.json +61 -8
  3. package/catalox-seeds/inputs/entity-descriptors/vulnerabilities-groups.json +9 -3
  4. package/catalox-seeds/inputs/entity-descriptors/vulnerabilities.json +121 -6
  5. package/catalox-seeds/inputs/item-descriptors/asset-detail-item.json +0 -1
  6. package/catalox-seeds/inputs/item-descriptors/vulnerability-detail-item.json +1 -0
  7. package/catalox-seeds/inputs/list-descriptors/assets-main-list.json +0 -2
  8. package/catalox-seeds/inputs/list-descriptors/vulnerabilities-main-list.json +2 -0
  9. package/catalox-seeds/memorix-retrieval-descriptors.manifest.json +384 -57
  10. package/dist/analysis/analyze-vulnerability-coverage.d.ts +101 -0
  11. package/dist/analysis/analyze-vulnerability-coverage.d.ts.map +1 -0
  12. package/dist/analysis/analyze-vulnerability-coverage.js +150 -0
  13. package/dist/analysis/analyze-vulnerability-coverage.js.map +1 -0
  14. package/dist/analysis/count-assets-with-vulnerabilities.d.ts +89 -0
  15. package/dist/analysis/count-assets-with-vulnerabilities.d.ts.map +1 -0
  16. package/dist/analysis/count-assets-with-vulnerabilities.js +143 -0
  17. package/dist/analysis/count-assets-with-vulnerabilities.js.map +1 -0
  18. package/dist/analysis/derive-subnet-ip.d.ts +18 -0
  19. package/dist/analysis/derive-subnet-ip.d.ts.map +1 -0
  20. package/dist/analysis/derive-subnet-ip.js +32 -0
  21. package/dist/analysis/derive-subnet-ip.js.map +1 -0
  22. package/dist/descriptors/content-type-labels.d.ts.map +1 -1
  23. package/dist/descriptors/content-type-labels.js +4 -5
  24. package/dist/descriptors/content-type-labels.js.map +1 -1
  25. package/dist/descriptors/descriptor-types.d.ts +48 -0
  26. package/dist/descriptors/descriptor-types.d.ts.map +1 -1
  27. package/dist/mongo/env.d.ts +1 -0
  28. package/dist/mongo/env.d.ts.map +1 -1
  29. package/dist/mongo/env.js +9 -1
  30. package/dist/mongo/env.js.map +1 -1
  31. package/dist/retrieval/fetch-narratives.d.ts +5 -0
  32. package/dist/retrieval/fetch-narratives.d.ts.map +1 -1
  33. package/dist/retrieval/fetch-narratives.js +99 -9
  34. package/dist/retrieval/fetch-narratives.js.map +1 -1
  35. package/dist/tests/analyze-vulnerability-coverage.test.d.ts +2 -0
  36. package/dist/tests/analyze-vulnerability-coverage.test.d.ts.map +1 -0
  37. package/dist/tests/analyze-vulnerability-coverage.test.js +66 -0
  38. package/dist/tests/analyze-vulnerability-coverage.test.js.map +1 -0
  39. package/dist/tests/count-assets-with-vulnerabilities.test.d.ts +2 -0
  40. package/dist/tests/count-assets-with-vulnerabilities.test.d.ts.map +1 -0
  41. package/dist/tests/count-assets-with-vulnerabilities.test.js +95 -0
  42. package/dist/tests/count-assets-with-vulnerabilities.test.js.map +1 -0
  43. package/dist/tests/derive-subnet-ip.test.d.ts +2 -0
  44. package/dist/tests/derive-subnet-ip.test.d.ts.map +1 -0
  45. package/dist/tests/derive-subnet-ip.test.js +17 -0
  46. package/dist/tests/derive-subnet-ip.test.js.map +1 -0
  47. package/dist/tests/env.test.js +1 -1
  48. package/dist/tests/env.test.js.map +1 -1
  49. package/dist/tests/fetch-narratives.test.js +191 -5
  50. package/dist/tests/fetch-narratives.test.js.map +1 -1
  51. package/package.json +2 -2
@@ -161,19 +161,6 @@
161
161
  "item": true,
162
162
  "valueType": "datetime"
163
163
  },
164
- "hasVulnerabilities": {
165
- "label": "Has Vulnerabilities",
166
- "source": {
167
- "contentType": "snapshots",
168
- "path": "data.hasVulnerabilities"
169
- },
170
- "humanReadable": true,
171
- "sortable": true,
172
- "filterable": true,
173
- "list": true,
174
- "item": true,
175
- "valueType": "boolean"
176
- },
177
164
  "criticalVulnerabilities": {
178
165
  "label": "Critical Vulnerabilities",
179
166
  "source": {
@@ -306,16 +293,16 @@
306
293
  "sourceCollection": "subnets-snapshots"
307
294
  },
308
295
  {
309
- "name": "associatedInferred",
296
+ "name": "associatedDiscovery",
310
297
  "contentType": "snapshots",
311
298
  "kind": "associated",
312
299
  "valueShape": "array<object>",
313
300
  "linkedObjectType": "subnets",
314
- "linkedContentType": "inferences",
315
- "description": "Subnet discovery payloads copied from subnets-inferences.data when asset data.subnetCidrs matches subnet data.cidr.",
301
+ "linkedContentType": "discovery",
302
+ "description": "Subnet discovery payloads copied from subnets-discovery.data when asset data.subnetCidrs matches subnet data.cidr.",
316
303
  "managed": true,
317
- "refreshRuleKey": "assets.subnets.inferences.by-cidr",
318
- "sourceCollection": "subnets-inferences"
304
+ "refreshRuleKey": "assets.subnets.discovery.by-cidr",
305
+ "sourceCollection": "subnets-discovery"
319
306
  },
320
307
  {
321
308
  "name": "associatedSiblings",
@@ -328,8 +315,109 @@
328
315
  "managed": true,
329
316
  "refreshRuleKey": "assets.assets.snapshots.by-cidr",
330
317
  "sourceCollection": "assets-snapshots"
318
+ },
319
+ {
320
+ "name": "associatedTopology",
321
+ "contentType": "snapshots",
322
+ "kind": "associated",
323
+ "valueShape": "array<object>",
324
+ "linkedObjectType": "subnets",
325
+ "linkedContentType": "snapshots",
326
+ "description": "Normalized subnet topology objects derived from associatedData and canonical subnet lookup. Each item includes kind, source, cidr, zone, vr, and exposure/reachability fields. subnetId is omitted.",
327
+ "managed": true,
328
+ "refreshRuleKey": "assets.associated-topology.by-associated-data",
329
+ "sourceCollection": "subnets-snapshots"
330
+ },
331
+ {
332
+ "name": "associatedSubnets",
333
+ "contentType": "snapshots",
334
+ "kind": "associated",
335
+ "valueShape": "array<object>",
336
+ "linkedObjectType": "subnets",
337
+ "linkedContentType": "snapshots",
338
+ "description": "Explicit subnet snapshot payloads copied from subnets-snapshots.data when asset data.subnetCidrs matches subnet data.cidr.",
339
+ "managed": true,
340
+ "refreshRuleKey": "assets.subnets.snapshots.explicit.by-cidr",
341
+ "sourceCollection": "subnets-snapshots"
342
+ },
343
+ {
344
+ "name": "associatedSubnetsDiscovery",
345
+ "contentType": "snapshots",
346
+ "kind": "associated",
347
+ "valueShape": "array<object>",
348
+ "linkedObjectType": "subnets",
349
+ "linkedContentType": "discovery",
350
+ "description": "Explicit subnet discovery payloads copied from subnets-discovery when asset data.subnetCidrs matches subnet CIDR.",
351
+ "managed": true,
352
+ "refreshRuleKey": "assets.subnets.discovery.explicit.by-cidr",
353
+ "sourceCollection": "subnets-discovery"
354
+ },
355
+ {
356
+ "name": "associatedSubnetsAnalysis",
357
+ "contentType": "snapshots",
358
+ "kind": "associated",
359
+ "valueShape": "array<object>",
360
+ "linkedObjectType": "subnets",
361
+ "linkedContentType": "analysis",
362
+ "description": "Explicit subnet analysis payloads copied from subnets-analysis when asset data.subnetCidrs matches subnet CIDR.",
363
+ "managed": true,
364
+ "refreshRuleKey": "assets.subnets.analysis.explicit.by-cidr",
365
+ "sourceCollection": "subnets-analysis"
331
366
  }
332
367
  ],
368
+ "processing": {
369
+ "entityRoutes": [
370
+ {
371
+ "routeKey": "subnets-to-assets",
372
+ "parentObjectType": "subnets",
373
+ "childObjectType": "assets",
374
+ "relationshipName": "assetSubnet",
375
+ "direction": "parentToChild",
376
+ "source": {
377
+ "contentType": "snapshots",
378
+ "path": "data.subnetCidrs"
379
+ },
380
+ "target": {
381
+ "contentType": "snapshots",
382
+ "path": "data.cidr"
383
+ }
384
+ }
385
+ ],
386
+ "resolvers": [
387
+ {
388
+ "processorId": "assets.subnet-cidr",
389
+ "resolverType": "subnet-cidr",
390
+ "kind": "function",
391
+ "config": {
392
+ "mode": "resolve",
393
+ "assetIpPaths": ["data.assetIps", "data.assetIp"],
394
+ "canonicalCollection": {
395
+ "db": "neo-memorix-entities",
396
+ "collection": "subnets-snapshots"
397
+ }
398
+ }
399
+ }
400
+ ],
401
+ "associatedContent": {
402
+ "rollParentSnapshots": true,
403
+ "excludePostfixes": ["raw"]
404
+ }
405
+ },
406
+ "narratives": {
407
+ "has-vulnerabilities": {
408
+ "label": "Has vulnerabilities",
409
+ "kind": "having-signal",
410
+ "sourceRef": "assetVulnerabilities",
411
+ "targetEntity": "vulnerabilities"
412
+ },
413
+ "has-medium-vulnerabilities": {
414
+ "kind": "association-common-property",
415
+ "sourceRef": "assetVulnerabilities",
416
+ "targetEntity": "vulnerabilities",
417
+ "property": "severity",
418
+ "value": "medium"
419
+ }
420
+ },
333
421
  "relations": {
334
422
  "assetSubnet": {
335
423
  "targetEntity": "subnets",
@@ -29,14 +29,9 @@
29
29
  "collection": "subnets-snapshots",
30
30
  "isCanonical": true
31
31
  },
32
- "core": {
33
- "postfix": "core",
34
- "collection": "subnets-core",
35
- "isCanonical": false
36
- },
37
- "inferences": {
38
- "postfix": "inferences",
39
- "collection": "subnets-inferences",
32
+ "discovery": {
33
+ "postfix": "discovery",
34
+ "collection": "subnets-discovery",
40
35
  "isCanonical": false
41
36
  },
42
37
  "scoped": {
@@ -50,6 +45,18 @@
50
45
  "isCanonical": false
51
46
  }
52
47
  },
48
+ "rootProperties": {
49
+ "possiblePaths": {
50
+ "label": "Possible Paths",
51
+ "source": {
52
+ "contentType": "snapshots",
53
+ "path": "possiblePaths"
54
+ },
55
+ "valueShape": "object",
56
+ "description": "Subnet-specific topology path facts stored at the snapshot root.",
57
+ "managed": true
58
+ }
59
+ },
53
60
  "properties": {
54
61
  "recordId": {
55
62
  "label": "Record ID",
@@ -300,5 +307,51 @@
300
307
  "sourceCollection": "assets-snapshots"
301
308
  }
302
309
  ],
310
+ "processing": {
311
+ "entityRoutes": [
312
+ {
313
+ "routeKey": "zones-to-subnets",
314
+ "parentObjectType": "topology-zones",
315
+ "childObjectType": "subnets",
316
+ "relationshipName": "subnetZone",
317
+ "direction": "parentToChild",
318
+ "source": {
319
+ "contentType": "snapshots",
320
+ "path": "data.zone"
321
+ },
322
+ "target": {
323
+ "contentType": "snapshots",
324
+ "path": "data.name"
325
+ }
326
+ }
327
+ ],
328
+ "insightStages": [
329
+ {
330
+ "processorId": "network.cidr-topology-path-resolver",
331
+ "kind": "function",
332
+ "inputKind": "cidr",
333
+ "outputKind": "cidr-path-facts",
334
+ "writeToInsights": false,
335
+ "sources": {
336
+ "topologyDb": "memorix-knowledge",
337
+ "topologyCollection": "topology-raw"
338
+ }
339
+ },
340
+ {
341
+ "processorId": "network.cidr-zone-path-insights",
342
+ "kind": "function",
343
+ "inputKind": "cidr-path-facts",
344
+ "outputKind": "insights",
345
+ "writeToInsights": true,
346
+ "sources": {
347
+ "zonesCollection": "topology-zones-snapshots"
348
+ }
349
+ }
350
+ ],
351
+ "associatedContent": {
352
+ "rollParentSnapshots": true,
353
+ "excludePostfixes": ["raw"]
354
+ }
355
+ },
303
356
  "relations": {}
304
357
  }
@@ -30,9 +30,9 @@
30
30
  "dataRoot": "data",
31
31
  "isCanonical": true
32
32
  },
33
- "inferences": {
34
- "postfix": "inferences",
35
- "collection": "vulnerabilities-groups-inferences",
33
+ "discovery": {
34
+ "postfix": "discovery",
35
+ "collection": "vulnerabilities-groups-discovery",
36
36
  "dataRoot": "data",
37
37
  "isCanonical": false
38
38
  },
@@ -111,6 +111,12 @@
111
111
  }
112
112
  },
113
113
  "associatedProperties": [],
114
+ "processing": {
115
+ "associatedContent": {
116
+ "rollParentSnapshots": false,
117
+ "excludePostfixes": ["raw"]
118
+ }
119
+ },
114
120
  "relations": {
115
121
  "groupVulnerabilities": {
116
122
  "targetEntity": "vulnerabilities",
@@ -64,6 +64,19 @@
64
64
  "item": true,
65
65
  "valueType": "string"
66
66
  },
67
+ "subnetIp": {
68
+ "label": "Subnet IP",
69
+ "source": {
70
+ "contentType": "snapshots",
71
+ "path": "data.subnetIp"
72
+ },
73
+ "humanReadable": true,
74
+ "sortable": true,
75
+ "filterable": true,
76
+ "list": true,
77
+ "item": true,
78
+ "valueType": "string"
79
+ },
67
80
  "assetType": {
68
81
  "label": "Asset Type",
69
82
  "source": {
@@ -378,16 +391,16 @@
378
391
  "sourceCollection": "vulnerabilities-groups-snapshots"
379
392
  },
380
393
  {
381
- "name": "associatedInferred",
394
+ "name": "associatedDiscovery",
382
395
  "contentType": "snapshots",
383
396
  "kind": "associated",
384
397
  "valueShape": "array<object>",
385
398
  "linkedObjectType": "vulnerabilities-groups",
386
- "linkedContentType": "inferences",
387
- "description": "Vulnerability group discovery payloads copied from vulnerabilities-groups-inferences.data via group name bridge.",
399
+ "linkedContentType": "discovery",
400
+ "description": "Vulnerability group discovery payloads copied from vulnerabilities-groups-discovery.data via group name bridge.",
388
401
  "managed": true,
389
- "refreshRuleKey": "vulnerabilities.vulnerability-groups.inferences.by-name",
390
- "sourceCollection": "vulnerabilities-groups-inferences"
402
+ "refreshRuleKey": "vulnerabilities.vulnerability-groups.discovery.by-name",
403
+ "sourceCollection": "vulnerabilities-groups-discovery"
391
404
  },
392
405
  {
393
406
  "name": "associatedAnalysis",
@@ -408,12 +421,114 @@
408
421
  "valueShape": "array<object>",
409
422
  "linkedObjectType": "assets",
410
423
  "linkedContentType": "snapshots",
411
- "description": "Optional asset snapshot payloads copied from assets-snapshots.data when data.assetIp matches asset data.assetIps.",
424
+ "description": "Optional asset snapshot payloads copied from assets-snapshots.data when data.assetIp exactly matches asset data.assetIps, data.assetIp, or legacy data.ip_address. At most one item per vulnerability.",
412
425
  "managed": true,
413
426
  "refreshRuleKey": "vulnerabilities.assets.snapshots.by-assetIp",
414
427
  "sourceCollection": "assets-snapshots"
428
+ },
429
+ {
430
+ "name": "associatedTopology",
431
+ "contentType": "snapshots",
432
+ "kind": "associated",
433
+ "valueShape": "array<object>",
434
+ "linkedObjectType": "subnets",
435
+ "linkedContentType": "snapshots",
436
+ "description": "Normalized subnet topology objects from associatedData roll-down and canonical subnet lookup by data.assetIp. May contain both associatedData and subnetLookup sources for the same CIDR.",
437
+ "managed": true,
438
+ "refreshRuleKey": "vulnerabilities.associated-topology.by-associated-data-and-subnet-lookup",
439
+ "sourceCollection": "subnets-snapshots"
440
+ },
441
+ {
442
+ "name": "associatedVulnerabilityGroup",
443
+ "contentType": "snapshots",
444
+ "kind": "associated",
445
+ "valueShape": "array<object>",
446
+ "linkedObjectType": "vulnerabilities-groups",
447
+ "linkedContentType": "snapshots",
448
+ "description": "Explicit vulnerability group snapshot payloads copied from vulnerabilities-groups-snapshots.data when data.vulnerabilityName matches group data.name.",
449
+ "managed": true,
450
+ "refreshRuleKey": "vulnerabilities.vulnerability-groups.snapshots.explicit.by-name",
451
+ "sourceCollection": "vulnerabilities-groups-snapshots"
452
+ },
453
+ {
454
+ "name": "associatedVulnerabilityGroupDiscovery",
455
+ "contentType": "snapshots",
456
+ "kind": "associated",
457
+ "valueShape": "array<object>",
458
+ "linkedObjectType": "vulnerabilities-groups",
459
+ "linkedContentType": "discovery",
460
+ "description": "Explicit vulnerability group discovery payloads copied from vulnerabilities-groups-discovery via group name bridge.",
461
+ "managed": true,
462
+ "refreshRuleKey": "vulnerabilities.vulnerability-groups.discovery.explicit.by-name",
463
+ "sourceCollection": "vulnerabilities-groups-discovery"
464
+ },
465
+ {
466
+ "name": "associatedVulnerabilityGroupAnalysis",
467
+ "contentType": "snapshots",
468
+ "kind": "associated",
469
+ "valueShape": "array<object>",
470
+ "linkedObjectType": "vulnerabilities-groups",
471
+ "linkedContentType": "analysis",
472
+ "description": "Explicit vulnerability group analysis payloads copied from vulnerabilities-groups-analysis via group name bridge.",
473
+ "managed": true,
474
+ "refreshRuleKey": "vulnerabilities.vulnerability-groups.analysis.explicit.by-name",
475
+ "sourceCollection": "vulnerabilities-groups-analysis"
415
476
  }
416
477
  ],
478
+ "processing": {
479
+ "entityRoutes": [
480
+ {
481
+ "routeKey": "groups-to-vulnerabilities",
482
+ "parentObjectType": "vulnerabilities-groups",
483
+ "childObjectType": "vulnerabilities",
484
+ "relationshipName": "vulnerabilityGroup",
485
+ "direction": "parentToChild",
486
+ "source": {
487
+ "contentType": "snapshots",
488
+ "path": "data.vulnerabilityName"
489
+ },
490
+ "target": {
491
+ "contentType": "snapshots",
492
+ "path": "data.name"
493
+ },
494
+ "prerequisites": [
495
+ {
496
+ "parentObjectType": "vulnerabilities-groups",
497
+ "parentContentPostfix": "analysis",
498
+ "lifecycleProcess": "entity-insights-processed",
499
+ "onMissing": "defer"
500
+ }
501
+ ]
502
+ },
503
+ {
504
+ "routeKey": "assets-to-vulnerabilities",
505
+ "parentObjectType": "assets",
506
+ "childObjectType": "vulnerabilities",
507
+ "relationshipName": "affectedAsset",
508
+ "direction": "parentToChild",
509
+ "source": {
510
+ "contentType": "snapshots",
511
+ "path": "data.assetIp"
512
+ },
513
+ "target": {
514
+ "contentType": "snapshots",
515
+ "path": "data.assetIps"
516
+ }
517
+ }
518
+ ],
519
+ "associatedContent": {
520
+ "rollParentSnapshots": true,
521
+ "excludePostfixes": ["raw"]
522
+ }
523
+ },
524
+ "narratives": {
525
+ "has-assets": {
526
+ "label": "Has assets",
527
+ "kind": "having-signal",
528
+ "sourceRef": "affectedAsset",
529
+ "targetEntity": "assets"
530
+ }
531
+ },
417
532
  "relations": {
418
533
  "affectedAsset": {
419
534
  "targetEntity": "assets",
@@ -41,7 +41,6 @@
41
41
  "id": "vulnerabilitySummary",
42
42
  "title": "Vulnerability Summary",
43
43
  "fields": [
44
- "hasVulnerabilities",
45
44
  "criticalVulnerabilities",
46
45
  "highVulnerabilities",
47
46
  "mediumVulnerabilities",
@@ -37,6 +37,7 @@
37
37
  "title": "Affected Asset",
38
38
  "fields": [
39
39
  "assetIp",
40
+ "subnetIp",
40
41
  "assetType",
41
42
  "assetZone",
42
43
  "assetHostname",
@@ -18,7 +18,6 @@
18
18
  "agentType",
19
19
  "xdrOperationalStatus",
20
20
  "xdrAgentStatus",
21
- "hasVulnerabilities",
22
21
  "criticalVulnerabilities",
23
22
  "highVulnerabilities",
24
23
  "potentialImpactLevel",
@@ -35,7 +34,6 @@
35
34
  "agentType",
36
35
  "xdrOperationalStatus",
37
36
  "xdrAgentStatus",
38
- "hasVulnerabilities",
39
37
  "criticalVulnerabilities",
40
38
  "highVulnerabilities",
41
39
  "potentialImpactLevel",
@@ -12,6 +12,7 @@
12
12
  "fields": [
13
13
  "vulnerabilityId",
14
14
  "assetIp",
15
+ "subnetIp",
15
16
  "pluginName",
16
17
  "pluginFamily",
17
18
  "severity",
@@ -28,6 +29,7 @@
28
29
  "allowedSorts": [
29
30
  "vulnerabilityId",
30
31
  "assetIp",
32
+ "subnetIp",
31
33
  "pluginName",
32
34
  "pluginFamily",
33
35
  "severity",