@x12i/memorix-retrieval 1.30.0 → 1.31.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (51) hide show
  1. package/catalox-seeds/inputs/entity-descriptors/assets.json +106 -18
  2. package/catalox-seeds/inputs/entity-descriptors/subnets.json +61 -8
  3. package/catalox-seeds/inputs/entity-descriptors/vulnerabilities-groups.json +9 -3
  4. package/catalox-seeds/inputs/entity-descriptors/vulnerabilities.json +121 -6
  5. package/catalox-seeds/inputs/item-descriptors/asset-detail-item.json +0 -1
  6. package/catalox-seeds/inputs/item-descriptors/vulnerability-detail-item.json +1 -0
  7. package/catalox-seeds/inputs/list-descriptors/assets-main-list.json +0 -2
  8. package/catalox-seeds/inputs/list-descriptors/vulnerabilities-main-list.json +2 -0
  9. package/catalox-seeds/memorix-retrieval-descriptors.manifest.json +384 -57
  10. package/dist/analysis/analyze-vulnerability-coverage.d.ts +101 -0
  11. package/dist/analysis/analyze-vulnerability-coverage.d.ts.map +1 -0
  12. package/dist/analysis/analyze-vulnerability-coverage.js +150 -0
  13. package/dist/analysis/analyze-vulnerability-coverage.js.map +1 -0
  14. package/dist/analysis/count-assets-with-vulnerabilities.d.ts +89 -0
  15. package/dist/analysis/count-assets-with-vulnerabilities.d.ts.map +1 -0
  16. package/dist/analysis/count-assets-with-vulnerabilities.js +143 -0
  17. package/dist/analysis/count-assets-with-vulnerabilities.js.map +1 -0
  18. package/dist/analysis/derive-subnet-ip.d.ts +18 -0
  19. package/dist/analysis/derive-subnet-ip.d.ts.map +1 -0
  20. package/dist/analysis/derive-subnet-ip.js +32 -0
  21. package/dist/analysis/derive-subnet-ip.js.map +1 -0
  22. package/dist/descriptors/content-type-labels.d.ts.map +1 -1
  23. package/dist/descriptors/content-type-labels.js +4 -5
  24. package/dist/descriptors/content-type-labels.js.map +1 -1
  25. package/dist/descriptors/descriptor-types.d.ts +48 -0
  26. package/dist/descriptors/descriptor-types.d.ts.map +1 -1
  27. package/dist/mongo/env.d.ts +1 -0
  28. package/dist/mongo/env.d.ts.map +1 -1
  29. package/dist/mongo/env.js +9 -1
  30. package/dist/mongo/env.js.map +1 -1
  31. package/dist/retrieval/fetch-narratives.d.ts +5 -0
  32. package/dist/retrieval/fetch-narratives.d.ts.map +1 -1
  33. package/dist/retrieval/fetch-narratives.js +99 -9
  34. package/dist/retrieval/fetch-narratives.js.map +1 -1
  35. package/dist/tests/analyze-vulnerability-coverage.test.d.ts +2 -0
  36. package/dist/tests/analyze-vulnerability-coverage.test.d.ts.map +1 -0
  37. package/dist/tests/analyze-vulnerability-coverage.test.js +66 -0
  38. package/dist/tests/analyze-vulnerability-coverage.test.js.map +1 -0
  39. package/dist/tests/count-assets-with-vulnerabilities.test.d.ts +2 -0
  40. package/dist/tests/count-assets-with-vulnerabilities.test.d.ts.map +1 -0
  41. package/dist/tests/count-assets-with-vulnerabilities.test.js +95 -0
  42. package/dist/tests/count-assets-with-vulnerabilities.test.js.map +1 -0
  43. package/dist/tests/derive-subnet-ip.test.d.ts +2 -0
  44. package/dist/tests/derive-subnet-ip.test.d.ts.map +1 -0
  45. package/dist/tests/derive-subnet-ip.test.js +17 -0
  46. package/dist/tests/derive-subnet-ip.test.js.map +1 -0
  47. package/dist/tests/env.test.js +1 -1
  48. package/dist/tests/env.test.js.map +1 -1
  49. package/dist/tests/fetch-narratives.test.js +191 -5
  50. package/dist/tests/fetch-narratives.test.js.map +1 -1
  51. package/package.json +2 -2
@@ -295,7 +295,7 @@
295
295
  "label": "IP Address",
296
296
  "source": {
297
297
  "contentType": "snapshots",
298
- "path": "data.ip_address"
298
+ "path": "data.assetIp"
299
299
  },
300
300
  "humanReadable": true,
301
301
  "sortable": true,
@@ -304,31 +304,31 @@
304
304
  "item": true,
305
305
  "valueType": "string"
306
306
  },
307
- "subnetIp": {
308
- "label": "Subnet IP",
307
+ "subnetCidrs": {
308
+ "label": "Subnet CIDRs",
309
309
  "source": {
310
310
  "contentType": "snapshots",
311
- "path": "data.subnetIp"
311
+ "path": "data.subnetCidrs"
312
312
  },
313
313
  "humanReadable": true,
314
- "sortable": true,
314
+ "sortable": false,
315
315
  "filterable": true,
316
- "list": true,
316
+ "list": false,
317
317
  "item": true,
318
- "valueType": "string"
318
+ "valueType": "array"
319
319
  },
320
- "subnetCidr": {
321
- "label": "Subnet CIDR",
320
+ "subnets": {
321
+ "label": "Resolved Subnets",
322
322
  "source": {
323
323
  "contentType": "snapshots",
324
- "path": "data.subnetCidr"
324
+ "path": "data.subnets"
325
325
  },
326
- "humanReadable": true,
327
- "sortable": true,
328
- "filterable": true,
326
+ "humanReadable": false,
327
+ "sortable": false,
328
+ "filterable": false,
329
329
  "list": false,
330
330
  "item": true,
331
- "valueType": "string"
331
+ "valueType": "array"
332
332
  },
333
333
  "source": {
334
334
  "label": "Source",
@@ -408,19 +408,6 @@
408
408
  "item": true,
409
409
  "valueType": "datetime"
410
410
  },
411
- "hasVulnerabilities": {
412
- "label": "Has Vulnerabilities",
413
- "source": {
414
- "contentType": "snapshots",
415
- "path": "data.hasVulnerabilities"
416
- },
417
- "humanReadable": true,
418
- "sortable": true,
419
- "filterable": true,
420
- "list": true,
421
- "item": true,
422
- "valueType": "boolean"
423
- },
424
411
  "criticalVulnerabilities": {
425
412
  "label": "Critical Vulnerabilities",
426
413
  "source": {
@@ -547,24 +534,142 @@
547
534
  "valueShape": "array<object>",
548
535
  "linkedObjectType": "subnets",
549
536
  "linkedContentType": "snapshots",
550
- "description": "Subnet snapshot payloads copied from subnets-snapshots.data when asset data.subnetCidrs matches subnet data.cidr.",
537
+ "description": "Subnet snapshot payloads copied from subnets-snapshots.data when asset data.subnetCidrs matches subnet data.cidr. Each item includes linked recordId.",
551
538
  "managed": true,
552
539
  "refreshRuleKey": "assets.subnets.snapshots.by-cidr",
553
540
  "sourceCollection": "subnets-snapshots"
554
541
  },
555
542
  {
556
- "name": "associatedInferred",
543
+ "name": "associatedDiscovery",
544
+ "contentType": "snapshots",
545
+ "kind": "associated",
546
+ "valueShape": "array<object>",
547
+ "linkedObjectType": "subnets",
548
+ "linkedContentType": "discovery",
549
+ "description": "Subnet discovery payloads copied from subnets-discovery.data when asset data.subnetCidrs matches subnet data.cidr.",
550
+ "managed": true,
551
+ "refreshRuleKey": "assets.subnets.discovery.by-cidr",
552
+ "sourceCollection": "subnets-discovery"
553
+ },
554
+ {
555
+ "name": "associatedSiblings",
556
+ "contentType": "snapshots",
557
+ "kind": "associated",
558
+ "valueShape": "array<object>",
559
+ "linkedObjectType": "assets",
560
+ "linkedContentType": "snapshots",
561
+ "description": "Root-level self-association: other asset snapshot data payloads sharing a data.subnetCidr value. Each item includes linked recordId. Capped at 99 items.",
562
+ "managed": true,
563
+ "refreshRuleKey": "assets.assets.snapshots.by-cidr",
564
+ "sourceCollection": "assets-snapshots"
565
+ },
566
+ {
567
+ "name": "associatedTopology",
568
+ "contentType": "snapshots",
569
+ "kind": "associated",
570
+ "valueShape": "array<object>",
571
+ "linkedObjectType": "subnets",
572
+ "linkedContentType": "snapshots",
573
+ "description": "Normalized subnet topology objects derived from associatedData and canonical subnet lookup. Each item includes kind, source, cidr, zone, vr, and exposure/reachability fields. subnetId is omitted.",
574
+ "managed": true,
575
+ "refreshRuleKey": "assets.associated-topology.by-associated-data",
576
+ "sourceCollection": "subnets-snapshots"
577
+ },
578
+ {
579
+ "name": "associatedSubnets",
580
+ "contentType": "snapshots",
581
+ "kind": "associated",
582
+ "valueShape": "array<object>",
583
+ "linkedObjectType": "subnets",
584
+ "linkedContentType": "snapshots",
585
+ "description": "Explicit subnet snapshot payloads copied from subnets-snapshots.data when asset data.subnetCidrs matches subnet data.cidr.",
586
+ "managed": true,
587
+ "refreshRuleKey": "assets.subnets.snapshots.explicit.by-cidr",
588
+ "sourceCollection": "subnets-snapshots"
589
+ },
590
+ {
591
+ "name": "associatedSubnetsDiscovery",
592
+ "contentType": "snapshots",
593
+ "kind": "associated",
594
+ "valueShape": "array<object>",
595
+ "linkedObjectType": "subnets",
596
+ "linkedContentType": "discovery",
597
+ "description": "Explicit subnet discovery payloads copied from subnets-discovery when asset data.subnetCidrs matches subnet CIDR.",
598
+ "managed": true,
599
+ "refreshRuleKey": "assets.subnets.discovery.explicit.by-cidr",
600
+ "sourceCollection": "subnets-discovery"
601
+ },
602
+ {
603
+ "name": "associatedSubnetsAnalysis",
557
604
  "contentType": "snapshots",
558
605
  "kind": "associated",
559
606
  "valueShape": "array<object>",
560
607
  "linkedObjectType": "subnets",
561
- "linkedContentType": "inferences",
562
- "description": "Subnet discovery payloads copied from subnets-inferences.data when asset data.subnetCidrs matches subnet data.cidr.",
608
+ "linkedContentType": "analysis",
609
+ "description": "Explicit subnet analysis payloads copied from subnets-analysis when asset data.subnetCidrs matches subnet CIDR.",
563
610
  "managed": true,
564
- "refreshRuleKey": "assets.subnets.inferences.by-cidr",
565
- "sourceCollection": "subnets-inferences"
611
+ "refreshRuleKey": "assets.subnets.analysis.explicit.by-cidr",
612
+ "sourceCollection": "subnets-analysis"
566
613
  }
567
614
  ],
615
+ "processing": {
616
+ "entityRoutes": [
617
+ {
618
+ "routeKey": "subnets-to-assets",
619
+ "parentObjectType": "subnets",
620
+ "childObjectType": "assets",
621
+ "relationshipName": "assetSubnet",
622
+ "direction": "parentToChild",
623
+ "source": {
624
+ "contentType": "snapshots",
625
+ "path": "data.subnetCidrs"
626
+ },
627
+ "target": {
628
+ "contentType": "snapshots",
629
+ "path": "data.cidr"
630
+ }
631
+ }
632
+ ],
633
+ "resolvers": [
634
+ {
635
+ "processorId": "assets.subnet-cidr",
636
+ "resolverType": "subnet-cidr",
637
+ "kind": "function",
638
+ "config": {
639
+ "mode": "resolve",
640
+ "assetIpPaths": [
641
+ "data.assetIps",
642
+ "data.assetIp"
643
+ ],
644
+ "canonicalCollection": {
645
+ "db": "neo-memorix-entities",
646
+ "collection": "subnets-snapshots"
647
+ }
648
+ }
649
+ }
650
+ ],
651
+ "associatedContent": {
652
+ "rollParentSnapshots": true,
653
+ "excludePostfixes": [
654
+ "raw"
655
+ ]
656
+ }
657
+ },
658
+ "narratives": {
659
+ "has-vulnerabilities": {
660
+ "label": "Has vulnerabilities",
661
+ "kind": "having-signal",
662
+ "sourceRef": "assetVulnerabilities",
663
+ "targetEntity": "vulnerabilities"
664
+ },
665
+ "has-medium-vulnerabilities": {
666
+ "kind": "association-common-property",
667
+ "sourceRef": "assetVulnerabilities",
668
+ "targetEntity": "vulnerabilities",
669
+ "property": "severity",
670
+ "value": "medium"
671
+ }
672
+ },
568
673
  "relations": {
569
674
  "assetSubnet": {
570
675
  "type": "manyToOne",
@@ -580,7 +685,9 @@
580
685
  "defaultArrayProperty": "associatedData",
581
686
  "targetFields": [
582
687
  "cidr",
583
- "subnetIp",
688
+ "networkAddress",
689
+ "prefixLength",
690
+ "mask",
584
691
  "zone",
585
692
  "vr"
586
693
  ],
@@ -654,14 +761,9 @@
654
761
  "collection": "subnets-snapshots",
655
762
  "isCanonical": true
656
763
  },
657
- "core": {
658
- "postfix": "core",
659
- "collection": "subnets-core",
660
- "isCanonical": false
661
- },
662
- "inferences": {
663
- "postfix": "inferences",
664
- "collection": "subnets-inferences",
764
+ "discovery": {
765
+ "postfix": "discovery",
766
+ "collection": "subnets-discovery",
665
767
  "isCanonical": false
666
768
  },
667
769
  "scoped": {
@@ -675,6 +777,18 @@
675
777
  "isCanonical": false
676
778
  }
677
779
  },
780
+ "rootProperties": {
781
+ "possiblePaths": {
782
+ "label": "Possible Paths",
783
+ "source": {
784
+ "contentType": "snapshots",
785
+ "path": "possiblePaths"
786
+ },
787
+ "valueShape": "object",
788
+ "description": "Subnet-specific topology path facts stored at the snapshot root.",
789
+ "managed": true
790
+ }
791
+ },
678
792
  "properties": {
679
793
  "recordId": {
680
794
  "label": "Record ID",
@@ -702,11 +816,11 @@
702
816
  "item": true,
703
817
  "valueType": "string"
704
818
  },
705
- "subnetIp": {
706
- "label": "Subnet network address",
819
+ "networkAddress": {
820
+ "label": "Network Address",
707
821
  "source": {
708
822
  "contentType": "snapshots",
709
- "path": "data.subnetIp"
823
+ "path": "data.networkAddress"
710
824
  },
711
825
  "humanReadable": true,
712
826
  "sortable": true,
@@ -715,6 +829,32 @@
715
829
  "item": true,
716
830
  "valueType": "string"
717
831
  },
832
+ "prefixLength": {
833
+ "label": "Prefix Length",
834
+ "source": {
835
+ "contentType": "snapshots",
836
+ "path": "data.prefixLength"
837
+ },
838
+ "humanReadable": true,
839
+ "sortable": true,
840
+ "filterable": true,
841
+ "list": false,
842
+ "item": true,
843
+ "valueType": "number"
844
+ },
845
+ "mask": {
846
+ "label": "Subnet Mask",
847
+ "source": {
848
+ "contentType": "snapshots",
849
+ "path": "data.mask"
850
+ },
851
+ "humanReadable": true,
852
+ "sortable": true,
853
+ "filterable": true,
854
+ "list": false,
855
+ "item": true,
856
+ "valueType": "string"
857
+ },
718
858
  "zone": {
719
859
  "label": "Zone",
720
860
  "source": {
@@ -885,6 +1025,68 @@
885
1025
  "valueType": "string"
886
1026
  }
887
1027
  },
1028
+ "associatedProperties": [
1029
+ {
1030
+ "name": "associatedChildren",
1031
+ "contentType": "snapshots",
1032
+ "kind": "associated",
1033
+ "valueShape": "array<object>",
1034
+ "linkedObjectType": "assets",
1035
+ "linkedContentType": "snapshots",
1036
+ "description": "Asset snapshot data payloads whose data.subnetCidrs contains this subnet data.cidr. Each item includes linked recordId. Capped at 99 items.",
1037
+ "managed": true,
1038
+ "refreshRuleKey": "subnets.assets.snapshots.by-cidr",
1039
+ "sourceCollection": "assets-snapshots"
1040
+ }
1041
+ ],
1042
+ "processing": {
1043
+ "entityRoutes": [
1044
+ {
1045
+ "routeKey": "zones-to-subnets",
1046
+ "parentObjectType": "topology-zones",
1047
+ "childObjectType": "subnets",
1048
+ "relationshipName": "subnetZone",
1049
+ "direction": "parentToChild",
1050
+ "source": {
1051
+ "contentType": "snapshots",
1052
+ "path": "data.zone"
1053
+ },
1054
+ "target": {
1055
+ "contentType": "snapshots",
1056
+ "path": "data.name"
1057
+ }
1058
+ }
1059
+ ],
1060
+ "insightStages": [
1061
+ {
1062
+ "processorId": "network.cidr-topology-path-resolver",
1063
+ "kind": "function",
1064
+ "inputKind": "cidr",
1065
+ "outputKind": "cidr-path-facts",
1066
+ "writeToInsights": false,
1067
+ "sources": {
1068
+ "topologyDb": "memorix-knowledge",
1069
+ "topologyCollection": "topology-raw"
1070
+ }
1071
+ },
1072
+ {
1073
+ "processorId": "network.cidr-zone-path-insights",
1074
+ "kind": "function",
1075
+ "inputKind": "cidr-path-facts",
1076
+ "outputKind": "insights",
1077
+ "writeToInsights": true,
1078
+ "sources": {
1079
+ "zonesCollection": "topology-zones-snapshots"
1080
+ }
1081
+ }
1082
+ ],
1083
+ "associatedContent": {
1084
+ "rollParentSnapshots": true,
1085
+ "excludePostfixes": [
1086
+ "raw"
1087
+ ]
1088
+ }
1089
+ },
888
1090
  "relations": {},
889
1091
  "schemaVersion": "memorix.objectTypeDescriptor.v2",
890
1092
  "objectType": "subnets"
@@ -966,6 +1168,19 @@
966
1168
  "item": true,
967
1169
  "valueType": "string"
968
1170
  },
1171
+ "subnetIp": {
1172
+ "label": "Subnet IP",
1173
+ "source": {
1174
+ "contentType": "snapshots",
1175
+ "path": "data.subnetIp"
1176
+ },
1177
+ "humanReadable": true,
1178
+ "sortable": true,
1179
+ "filterable": true,
1180
+ "list": true,
1181
+ "item": true,
1182
+ "valueType": "string"
1183
+ },
969
1184
  "assetType": {
970
1185
  "label": "Asset Type",
971
1186
  "source": {
@@ -1280,16 +1495,16 @@
1280
1495
  "sourceCollection": "vulnerabilities-groups-snapshots"
1281
1496
  },
1282
1497
  {
1283
- "name": "associatedInferred",
1498
+ "name": "associatedDiscovery",
1284
1499
  "contentType": "snapshots",
1285
1500
  "kind": "associated",
1286
1501
  "valueShape": "array<object>",
1287
1502
  "linkedObjectType": "vulnerabilities-groups",
1288
- "linkedContentType": "inferences",
1289
- "description": "Vulnerability group discovery payloads copied from vulnerabilities-groups-inferences.data via group name bridge.",
1503
+ "linkedContentType": "discovery",
1504
+ "description": "Vulnerability group discovery payloads copied from vulnerabilities-groups-discovery.data via group name bridge.",
1290
1505
  "managed": true,
1291
- "refreshRuleKey": "vulnerabilities.vulnerability-groups.inferences.by-name",
1292
- "sourceCollection": "vulnerabilities-groups-inferences"
1506
+ "refreshRuleKey": "vulnerabilities.vulnerability-groups.discovery.by-name",
1507
+ "sourceCollection": "vulnerabilities-groups-discovery"
1293
1508
  },
1294
1509
  {
1295
1510
  "name": "associatedAnalysis",
@@ -1310,12 +1525,116 @@
1310
1525
  "valueShape": "array<object>",
1311
1526
  "linkedObjectType": "assets",
1312
1527
  "linkedContentType": "snapshots",
1313
- "description": "Optional asset snapshot payloads copied from assets-snapshots.data when data.assetIp matches asset data.assetIps.",
1528
+ "description": "Optional asset snapshot payloads copied from assets-snapshots.data when data.assetIp exactly matches asset data.assetIps, data.assetIp, or legacy data.ip_address. At most one item per vulnerability.",
1314
1529
  "managed": true,
1315
1530
  "refreshRuleKey": "vulnerabilities.assets.snapshots.by-assetIp",
1316
1531
  "sourceCollection": "assets-snapshots"
1532
+ },
1533
+ {
1534
+ "name": "associatedTopology",
1535
+ "contentType": "snapshots",
1536
+ "kind": "associated",
1537
+ "valueShape": "array<object>",
1538
+ "linkedObjectType": "subnets",
1539
+ "linkedContentType": "snapshots",
1540
+ "description": "Normalized subnet topology objects from associatedData roll-down and canonical subnet lookup by data.assetIp. May contain both associatedData and subnetLookup sources for the same CIDR.",
1541
+ "managed": true,
1542
+ "refreshRuleKey": "vulnerabilities.associated-topology.by-associated-data-and-subnet-lookup",
1543
+ "sourceCollection": "subnets-snapshots"
1544
+ },
1545
+ {
1546
+ "name": "associatedVulnerabilityGroup",
1547
+ "contentType": "snapshots",
1548
+ "kind": "associated",
1549
+ "valueShape": "array<object>",
1550
+ "linkedObjectType": "vulnerabilities-groups",
1551
+ "linkedContentType": "snapshots",
1552
+ "description": "Explicit vulnerability group snapshot payloads copied from vulnerabilities-groups-snapshots.data when data.vulnerabilityName matches group data.name.",
1553
+ "managed": true,
1554
+ "refreshRuleKey": "vulnerabilities.vulnerability-groups.snapshots.explicit.by-name",
1555
+ "sourceCollection": "vulnerabilities-groups-snapshots"
1556
+ },
1557
+ {
1558
+ "name": "associatedVulnerabilityGroupDiscovery",
1559
+ "contentType": "snapshots",
1560
+ "kind": "associated",
1561
+ "valueShape": "array<object>",
1562
+ "linkedObjectType": "vulnerabilities-groups",
1563
+ "linkedContentType": "discovery",
1564
+ "description": "Explicit vulnerability group discovery payloads copied from vulnerabilities-groups-discovery via group name bridge.",
1565
+ "managed": true,
1566
+ "refreshRuleKey": "vulnerabilities.vulnerability-groups.discovery.explicit.by-name",
1567
+ "sourceCollection": "vulnerabilities-groups-discovery"
1568
+ },
1569
+ {
1570
+ "name": "associatedVulnerabilityGroupAnalysis",
1571
+ "contentType": "snapshots",
1572
+ "kind": "associated",
1573
+ "valueShape": "array<object>",
1574
+ "linkedObjectType": "vulnerabilities-groups",
1575
+ "linkedContentType": "analysis",
1576
+ "description": "Explicit vulnerability group analysis payloads copied from vulnerabilities-groups-analysis via group name bridge.",
1577
+ "managed": true,
1578
+ "refreshRuleKey": "vulnerabilities.vulnerability-groups.analysis.explicit.by-name",
1579
+ "sourceCollection": "vulnerabilities-groups-analysis"
1317
1580
  }
1318
1581
  ],
1582
+ "processing": {
1583
+ "entityRoutes": [
1584
+ {
1585
+ "routeKey": "groups-to-vulnerabilities",
1586
+ "parentObjectType": "vulnerabilities-groups",
1587
+ "childObjectType": "vulnerabilities",
1588
+ "relationshipName": "vulnerabilityGroup",
1589
+ "direction": "parentToChild",
1590
+ "source": {
1591
+ "contentType": "snapshots",
1592
+ "path": "data.vulnerabilityName"
1593
+ },
1594
+ "target": {
1595
+ "contentType": "snapshots",
1596
+ "path": "data.name"
1597
+ },
1598
+ "prerequisites": [
1599
+ {
1600
+ "parentObjectType": "vulnerabilities-groups",
1601
+ "parentContentPostfix": "analysis",
1602
+ "lifecycleProcess": "entity-insights-processed",
1603
+ "onMissing": "defer"
1604
+ }
1605
+ ]
1606
+ },
1607
+ {
1608
+ "routeKey": "assets-to-vulnerabilities",
1609
+ "parentObjectType": "assets",
1610
+ "childObjectType": "vulnerabilities",
1611
+ "relationshipName": "affectedAsset",
1612
+ "direction": "parentToChild",
1613
+ "source": {
1614
+ "contentType": "snapshots",
1615
+ "path": "data.assetIp"
1616
+ },
1617
+ "target": {
1618
+ "contentType": "snapshots",
1619
+ "path": "data.assetIps"
1620
+ }
1621
+ }
1622
+ ],
1623
+ "associatedContent": {
1624
+ "rollParentSnapshots": true,
1625
+ "excludePostfixes": [
1626
+ "raw"
1627
+ ]
1628
+ }
1629
+ },
1630
+ "narratives": {
1631
+ "has-assets": {
1632
+ "label": "Has assets",
1633
+ "kind": "having-signal",
1634
+ "sourceRef": "affectedAsset",
1635
+ "targetEntity": "assets"
1636
+ }
1637
+ },
1319
1638
  "relations": {
1320
1639
  "affectedAsset": {
1321
1640
  "type": "manyToOne",
@@ -1406,9 +1725,9 @@
1406
1725
  "dataRoot": "data",
1407
1726
  "isCanonical": true
1408
1727
  },
1409
- "inferences": {
1410
- "postfix": "inferences",
1411
- "collection": "vulnerabilities-groups-inferences",
1728
+ "discovery": {
1729
+ "postfix": "discovery",
1730
+ "collection": "vulnerabilities-groups-discovery",
1412
1731
  "dataRoot": "data",
1413
1732
  "isCanonical": false
1414
1733
  },
@@ -1487,6 +1806,14 @@
1487
1806
  }
1488
1807
  },
1489
1808
  "associatedProperties": [],
1809
+ "processing": {
1810
+ "associatedContent": {
1811
+ "rollParentSnapshots": false,
1812
+ "excludePostfixes": [
1813
+ "raw"
1814
+ ]
1815
+ }
1816
+ },
1490
1817
  "relations": {
1491
1818
  "groupVulnerabilities": {
1492
1819
  "type": "oneToMany",
@@ -1751,7 +2078,6 @@
1751
2078
  "agentType",
1752
2079
  "xdrOperationalStatus",
1753
2080
  "xdrAgentStatus",
1754
- "hasVulnerabilities",
1755
2081
  "criticalVulnerabilities",
1756
2082
  "highVulnerabilities",
1757
2083
  "potentialImpactLevel",
@@ -1768,7 +2094,6 @@
1768
2094
  "agentType",
1769
2095
  "xdrOperationalStatus",
1770
2096
  "xdrAgentStatus",
1771
- "hasVulnerabilities",
1772
2097
  "criticalVulnerabilities",
1773
2098
  "highVulnerabilities",
1774
2099
  "potentialImpactLevel",
@@ -1841,6 +2166,7 @@
1841
2166
  "fields": [
1842
2167
  "vulnerabilityId",
1843
2168
  "assetIp",
2169
+ "subnetIp",
1844
2170
  "pluginName",
1845
2171
  "pluginFamily",
1846
2172
  "severity",
@@ -1857,6 +2183,7 @@
1857
2183
  "allowedSorts": [
1858
2184
  "vulnerabilityId",
1859
2185
  "assetIp",
2186
+ "subnetIp",
1860
2187
  "pluginName",
1861
2188
  "pluginFamily",
1862
2189
  "severity",
@@ -2138,7 +2465,6 @@
2138
2465
  "id": "vulnerabilitySummary",
2139
2466
  "title": "Vulnerability Summary",
2140
2467
  "fields": [
2141
- "hasVulnerabilities",
2142
2468
  "criticalVulnerabilities",
2143
2469
  "highVulnerabilities",
2144
2470
  "mediumVulnerabilities",
@@ -2330,6 +2656,7 @@
2330
2656
  "title": "Affected Asset",
2331
2657
  "fields": [
2332
2658
  "assetIp",
2659
+ "subnetIp",
2333
2660
  "assetType",
2334
2661
  "assetZone",
2335
2662
  "assetHostname",