@x12i/memorix-retrieval 1.31.0 → 1.32.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (64) hide show
  1. package/catalox-seeds/inputs/entity-descriptors/assets.json +312 -7
  2. package/catalox-seeds/inputs/entity-descriptors/subnets.json +207 -2
  3. package/catalox-seeds/inputs/entity-descriptors/topology-zones.json +85 -0
  4. package/catalox-seeds/inputs/entity-descriptors/vulnerabilities-groups.json +255 -0
  5. package/catalox-seeds/inputs/entity-descriptors/vulnerabilities.json +294 -10
  6. package/catalox-seeds/inputs/item-descriptors/asset-detail-item.json +63 -14
  7. package/catalox-seeds/inputs/item-descriptors/subnet-detail-item.json +51 -17
  8. package/catalox-seeds/inputs/item-descriptors/vulnerabilities-group-detail-item.json +97 -0
  9. package/catalox-seeds/inputs/item-descriptors/vulnerability-detail-item.json +44 -40
  10. package/catalox-seeds/inputs/item-descriptors/vulnerability-observation-detail-item.json +42 -0
  11. package/catalox-seeds/inputs/list-descriptors/assets-exploitability-decisions-list.json +33 -0
  12. package/catalox-seeds/inputs/list-descriptors/assets-main-list.json +56 -2
  13. package/catalox-seeds/inputs/list-descriptors/assets-potential-impact-decisions-list.json +31 -0
  14. package/catalox-seeds/inputs/list-descriptors/subnets-main-list.json +107 -3
  15. package/catalox-seeds/inputs/list-descriptors/vulnerabilities-exploitability-analysis-list.json +29 -0
  16. package/catalox-seeds/inputs/list-descriptors/vulnerabilities-groups-main-list.json +98 -0
  17. package/catalox-seeds/inputs/list-descriptors/vulnerabilities-main-list.json +7 -1
  18. package/catalox-seeds/inputs/list-descriptors/vulnerabilities-observations-list.json +43 -0
  19. package/catalox-seeds/inputs/list-descriptors/vulnerabilities-triage-analysis-list.json +30 -0
  20. package/catalox-seeds/inputs/list-descriptors/vulnerable-assets-list.json +102 -0
  21. package/catalox-seeds/memorix-retrieval-descriptors.manifest.json +2512 -367
  22. package/dist/descriptors/descriptor-types.d.ts +38 -0
  23. package/dist/descriptors/descriptor-types.d.ts.map +1 -1
  24. package/dist/descriptors/validate-descriptor.d.ts +1 -0
  25. package/dist/descriptors/validate-descriptor.d.ts.map +1 -1
  26. package/dist/descriptors/validate-descriptor.js +27 -0
  27. package/dist/descriptors/validate-descriptor.js.map +1 -1
  28. package/dist/explorer/collection-records.d.ts.map +1 -1
  29. package/dist/explorer/collection-records.js +22 -2
  30. package/dist/explorer/collection-records.js.map +1 -1
  31. package/dist/explorer/raw-collection-records.d.ts +2 -0
  32. package/dist/explorer/raw-collection-records.d.ts.map +1 -1
  33. package/dist/explorer/raw-collection-records.js +1 -1
  34. package/dist/explorer/raw-collection-records.js.map +1 -1
  35. package/dist/index.d.ts +3 -2
  36. package/dist/index.d.ts.map +1 -1
  37. package/dist/index.js +2 -1
  38. package/dist/index.js.map +1 -1
  39. package/dist/mongo/env.d.ts +17 -0
  40. package/dist/mongo/env.d.ts.map +1 -1
  41. package/dist/mongo/env.js +73 -0
  42. package/dist/mongo/env.js.map +1 -1
  43. package/dist/retrieval/fetch-list.d.ts.map +1 -1
  44. package/dist/retrieval/fetch-list.js +3 -1
  45. package/dist/retrieval/fetch-list.js.map +1 -1
  46. package/dist/retrieval/fetch-narratives.d.ts +8 -0
  47. package/dist/retrieval/fetch-narratives.d.ts.map +1 -1
  48. package/dist/retrieval/fetch-narratives.js +39 -9
  49. package/dist/retrieval/fetch-narratives.js.map +1 -1
  50. package/dist/retrieval/narrative-list-filters.d.ts +30 -0
  51. package/dist/retrieval/narrative-list-filters.d.ts.map +1 -0
  52. package/dist/retrieval/narrative-list-filters.js +179 -0
  53. package/dist/retrieval/narrative-list-filters.js.map +1 -0
  54. package/dist/retrieval/resolve-filters.d.ts +11 -1
  55. package/dist/retrieval/resolve-filters.d.ts.map +1 -1
  56. package/dist/retrieval/resolve-filters.js +34 -7
  57. package/dist/retrieval/resolve-filters.js.map +1 -1
  58. package/dist/seeds/default-seed-spec.d.ts.map +1 -1
  59. package/dist/seeds/default-seed-spec.js +9 -0
  60. package/dist/seeds/default-seed-spec.js.map +1 -1
  61. package/dist/tests/resolve-filters.test.js +81 -4
  62. package/dist/tests/resolve-filters.test.js.map +1 -1
  63. package/docs/MEMORIX-CATALOX-CONTRACTS.md +2 -0
  64. package/package.json +5 -5
@@ -41,6 +41,18 @@
41
41
  "collection": "assets-scoped",
42
42
  "dataRoot": "data",
43
43
  "isCanonical": false
44
+ },
45
+ "analysis": {
46
+ "postfix": "analysis",
47
+ "collection": "assets-analysis",
48
+ "dataRoot": "data",
49
+ "isCanonical": false
50
+ },
51
+ "decisions": {
52
+ "postfix": "decision",
53
+ "collection": "assets-decision",
54
+ "dataRoot": "data",
55
+ "isCanonical": false
44
56
  }
45
57
  },
46
58
  "properties": {
@@ -213,6 +225,20 @@
213
225
  "item": true,
214
226
  "valueType": "number"
215
227
  },
228
+ "findingsCount": {
229
+ "label": "Findings",
230
+ "source": {
231
+ "contentType": "snapshots",
232
+ "path": "analytics.findings.total"
233
+ },
234
+ "humanReadable": true,
235
+ "sortable": true,
236
+ "filterable": true,
237
+ "list": true,
238
+ "item": true,
239
+ "valueType": "number",
240
+ "format": "count"
241
+ },
216
242
  "potentialImpactLevel": {
217
243
  "label": "Potential Impact",
218
244
  "source": {
@@ -277,11 +303,146 @@
277
303
  "list": false,
278
304
  "item": true,
279
305
  "valueType": "object"
306
+ },
307
+ "observedUsers": {
308
+ "label": "Users",
309
+ "source": {
310
+ "contentType": "snapshots",
311
+ "path": "data.observedUsers"
312
+ },
313
+ "humanReadable": true,
314
+ "sortable": false,
315
+ "filterable": true,
316
+ "list": true,
317
+ "item": true,
318
+ "valueType": "array"
319
+ },
320
+ "analysisBriefSummary": {
321
+ "label": "Brief Summary",
322
+ "source": { "contentType": "analysis", "path": "data.brief.summary" },
323
+ "humanReadable": true,
324
+ "list": true,
325
+ "item": true,
326
+ "valueType": "string"
327
+ },
328
+ "analysisBriefTakeaway": {
329
+ "label": "Brief Takeaway",
330
+ "source": { "contentType": "analysis", "path": "data.brief.takeaway" },
331
+ "humanReadable": true,
332
+ "list": false,
333
+ "item": true,
334
+ "valueType": "string"
335
+ },
336
+ "analysisBriefConfidence": {
337
+ "label": "Brief Confidence",
338
+ "source": { "contentType": "analysis", "path": "data.brief.confidence" },
339
+ "humanReadable": true,
340
+ "list": false,
341
+ "item": true,
342
+ "valueType": "string"
343
+ },
344
+ "analysisContext": {
345
+ "label": "Context",
346
+ "source": { "contentType": "analysis", "path": "data.context" },
347
+ "humanReadable": false,
348
+ "list": false,
349
+ "item": true,
350
+ "valueType": "object"
351
+ },
352
+ "analysisReachability": {
353
+ "label": "Reachability",
354
+ "source": { "contentType": "analysis", "path": "data.reachability" },
355
+ "humanReadable": false,
356
+ "list": false,
357
+ "item": true,
358
+ "valueType": "object"
359
+ },
360
+ "analysisPaths": {
361
+ "label": "Paths",
362
+ "source": { "contentType": "analysis", "path": "data.paths" },
363
+ "humanReadable": false,
364
+ "list": false,
365
+ "item": true,
366
+ "valueType": "object"
367
+ },
368
+ "attackPathExistence": {
369
+ "label": "Attack Path Existence",
370
+ "source": { "contentType": "analysis", "path": "data.paths.attackPathExistence" },
371
+ "humanReadable": true,
372
+ "sortable": true,
373
+ "filterable": true,
374
+ "list": true,
375
+ "item": true,
376
+ "valueType": "string"
377
+ },
378
+ "decisionOverviewSummary": {
379
+ "label": "Decision Summary",
380
+ "source": { "contentType": "decisions", "path": "data.overview.summary" },
381
+ "humanReadable": true,
382
+ "list": true,
383
+ "item": true,
384
+ "valueType": "string"
385
+ },
386
+ "decisionOverviewDetailedAnalysis": {
387
+ "label": "Decision Detailed Analysis",
388
+ "source": { "contentType": "decisions", "path": "data.overview.detailedAnalysis" },
389
+ "humanReadable": true,
390
+ "list": true,
391
+ "item": true,
392
+ "valueType": "string"
393
+ },
394
+ "decisionExploitability": {
395
+ "label": "Exploitability Analysis",
396
+ "source": { "contentType": "decisions", "path": "data.exploitability" },
397
+ "humanReadable": false,
398
+ "list": false,
399
+ "item": true,
400
+ "valueType": "object"
401
+ },
402
+ "decisionLabel": {
403
+ "label": "Decision",
404
+ "source": { "contentType": "decisions", "path": "data.decision.decision" },
405
+ "humanReadable": true,
406
+ "sortable": true,
407
+ "filterable": true,
408
+ "list": true,
409
+ "item": true,
410
+ "valueType": "string"
411
+ },
412
+ "decisionStatus": {
413
+ "label": "Decision Status",
414
+ "source": { "contentType": "decisions", "path": "data.decision.status" },
415
+ "humanReadable": true,
416
+ "sortable": true,
417
+ "filterable": true,
418
+ "list": true,
419
+ "item": true,
420
+ "valueType": "string"
421
+ },
422
+ "decisionRiskScore": {
423
+ "label": "Decision Score",
424
+ "source": { "contentType": "decisions", "path": "data.decision.riskScore" },
425
+ "humanReadable": true,
426
+ "sortable": true,
427
+ "filterable": true,
428
+ "list": true,
429
+ "item": true,
430
+ "valueType": "number"
431
+ },
432
+ "decisionUrgencyScore": {
433
+ "label": "Urgency Score",
434
+ "source": { "contentType": "decisions", "path": "data.decision.urgencyScore" },
435
+ "humanReadable": true,
436
+ "sortable": true,
437
+ "filterable": true,
438
+ "list": true,
439
+ "item": true,
440
+ "valueType": "number"
280
441
  }
281
442
  },
282
443
  "associatedProperties": [
283
444
  {
284
- "name": "associatedData",
445
+ "name": "associatedSubnetsSnapshots",
285
446
  "contentType": "snapshots",
286
447
  "kind": "associated",
287
448
  "valueShape": "array<object>",
@@ -293,7 +454,7 @@
293
454
  "sourceCollection": "subnets-snapshots"
294
455
  },
295
456
  {
296
- "name": "associatedDiscovery",
457
+ "name": "associatedSubnetsDiscovery",
297
458
  "contentType": "snapshots",
298
459
  "kind": "associated",
299
460
  "valueShape": "array<object>",
@@ -305,7 +466,7 @@
305
466
  "sourceCollection": "subnets-discovery"
306
467
  },
307
468
  {
308
- "name": "associatedSiblings",
469
+ "name": "associatedAssetsSnapshots",
309
470
  "contentType": "snapshots",
310
471
  "kind": "associated",
311
472
  "valueShape": "array<object>",
@@ -329,7 +490,7 @@
329
490
  "sourceCollection": "subnets-snapshots"
330
491
  },
331
492
  {
332
- "name": "associatedSubnets",
493
+ "name": "associatedSubnetsSnapshots",
333
494
  "contentType": "snapshots",
334
495
  "kind": "associated",
335
496
  "valueShape": "array<object>",
@@ -363,6 +524,44 @@
363
524
  "managed": true,
364
525
  "refreshRuleKey": "assets.subnets.analysis.explicit.by-cidr",
365
526
  "sourceCollection": "subnets-analysis"
527
+ },
528
+ {
529
+ "name": "associatedTopologyZonesAnalysis",
530
+ "contentType": "snapshots",
531
+ "kind": "associated",
532
+ "valueShape": "array<object>",
533
+ "linkedObjectType": "topology-zones",
534
+ "linkedContentType": "analysis",
535
+ "description": "Zone cyber-analysis payloads joined by host data.zones or associatedTopology.zone to topology-zones-analysis.data.name.",
536
+ "managed": true,
537
+ "refreshRuleKey": "assets.topology-zones.analysis.by-zone-name",
538
+ "sourceCollection": "topology-zones-analysis"
539
+ },
540
+ {
541
+ "name": "associatedVulnerabilitiesAnalysis",
542
+ "contentType": "snapshots",
543
+ "kind": "associated",
544
+ "valueShape": "array<object>",
545
+ "linkedObjectType": "vulnerabilities",
546
+ "linkedContentType": "analysis",
547
+ "description": "Vulnerability analysis payloads copied from vulnerabilities-analysis.data after matching vulnerabilities-snapshots by asset IP and resolving content by snapshot recordId.",
548
+ "managed": true,
549
+ "refreshRuleKey": "assets.vulnerabilities.analysis.by-assetIp",
550
+ "sourceCollection": "vulnerabilities-analysis"
551
+ },
552
+ {
553
+ "name": "associatedTopVulnerabilitiesAnalysis",
554
+ "contentType": "snapshots",
555
+ "kind": "associated",
556
+ "valueShape": "array<object>",
557
+ "linkedObjectType": "vulnerabilities",
558
+ "linkedContentType": "analysis",
559
+ "description": "Top vulnerability analysis payloads (default 5), ranked by vulnerabilities-snapshots.data.severity after IP match and content resolve by snapshot recordId. Omitted when empty.",
560
+ "managed": true,
561
+ "top": true,
562
+ "maxItems": 5,
563
+ "refreshRuleKey": "assets.vulnerabilities.analysis.top.by-assetIp",
564
+ "sourceCollection": "vulnerabilities-analysis"
366
565
  }
367
566
  ],
368
567
  "processing": {
@@ -390,32 +589,138 @@
390
589
  "kind": "function",
391
590
  "config": {
392
591
  "mode": "resolve",
393
- "assetIpPaths": ["data.assetIps", "data.assetIp"],
592
+ "assetIpPaths": [
593
+ "data.assetIps",
594
+ "data.assetIp"
595
+ ],
394
596
  "canonicalCollection": {
395
597
  "db": "neo-memorix-entities",
396
598
  "collection": "subnets-snapshots"
397
599
  }
398
600
  }
601
+ },
602
+ {
603
+ "processorId": "assets.topology-extractor",
604
+ "resolverType": "topology-extractor",
605
+ "kind": "function",
606
+ "config": {
607
+ "mode": "from-associated-data",
608
+ "sourcePaths": [
609
+ "associatedSubnetsSnapshots"
610
+ ],
611
+ "outputPath": "associatedTopology"
612
+ }
399
613
  }
400
614
  ],
401
615
  "associatedContent": {
402
616
  "rollParentSnapshots": true,
403
- "excludePostfixes": ["raw"]
617
+ "excludePostfixes": [
618
+ "raw"
619
+ ]
404
620
  }
405
621
  },
406
622
  "narratives": {
407
623
  "has-vulnerabilities": {
408
624
  "label": "Has vulnerabilities",
625
+ "displayName": "Has vulnerabilities",
409
626
  "kind": "having-signal",
627
+ "visibility": "user",
410
628
  "sourceRef": "assetVulnerabilities",
411
629
  "targetEntity": "vulnerabilities"
412
630
  },
413
631
  "has-medium-vulnerabilities": {
632
+ "label": "Has medium vulnerabilities",
633
+ "displayName": "Medium vulnerabilities",
414
634
  "kind": "association-common-property",
635
+ "visibility": "user",
415
636
  "sourceRef": "assetVulnerabilities",
416
637
  "targetEntity": "vulnerabilities",
417
638
  "property": "severity",
418
639
  "value": "medium"
640
+ },
641
+ "is-triaged": {
642
+ "label": "Is triaged",
643
+ "displayName": "Triaged",
644
+ "kind": "product-narrative",
645
+ "visibility": "user"
646
+ },
647
+ "has-triage-decision": {
648
+ "label": "Has triage decision",
649
+ "displayName": "Has triage decision",
650
+ "kind": "rollup",
651
+ "visibility": "user"
652
+ },
653
+ "has-no-vulnerabilities": {
654
+ "label": "No vulnerabilities",
655
+ "displayName": "No vulnerabilities",
656
+ "kind": "product-narrative",
657
+ "visibility": "user"
658
+ },
659
+ "has-accept-decision": {
660
+ "label": "Accept",
661
+ "displayName": "Accept Risk",
662
+ "kind": "rollup",
663
+ "visibility": "user"
664
+ },
665
+ "has-mitigate-decision": {
666
+ "label": "Mitigate",
667
+ "displayName": "Mitigate",
668
+ "kind": "rollup",
669
+ "visibility": "user"
670
+ },
671
+ "has-high-or-critical-exploitability": {
672
+ "label": "High or critical exploitability",
673
+ "displayName": "High exploitability",
674
+ "kind": "rollup",
675
+ "visibility": "user"
676
+ },
677
+ "has-lateral-movement-risk": {
678
+ "label": "Lateral movement risk",
679
+ "displayName": "Lateral movement risk",
680
+ "kind": "rollup",
681
+ "visibility": "user"
682
+ },
683
+ "has-critical-predicted-impact": {
684
+ "label": "Critical predicted impact",
685
+ "displayName": "Critical impact",
686
+ "kind": "rollup",
687
+ "visibility": "user"
688
+ },
689
+ "has-high-predicted-impact": {
690
+ "label": "High predicted impact",
691
+ "displayName": "High impact",
692
+ "kind": "rollup",
693
+ "visibility": "user"
694
+ },
695
+ "has-medium-predicted-impact": {
696
+ "label": "Medium predicted impact",
697
+ "displayName": "Medium impact",
698
+ "kind": "rollup",
699
+ "visibility": "user"
700
+ },
701
+ "has-low-predicted-impact": {
702
+ "label": "Low predicted impact",
703
+ "displayName": "Low impact",
704
+ "kind": "rollup",
705
+ "visibility": "user"
706
+ },
707
+ "has-palo-alto-firewall-source": {
708
+ "label": "Palo Alto Firewall",
709
+ "displayName": "Palo Alto Firewall",
710
+ "kind": "rollup",
711
+ "visibility": "user"
712
+ },
713
+ "has-palo-alto-xdr-source": {
714
+ "label": "Palo Alto XDR",
715
+ "displayName": "Palo Alto XDR",
716
+ "kind": "rollup",
717
+ "visibility": "user"
718
+ },
719
+ "has-tenable-nessus-source": {
720
+ "label": "Tenable Nessus",
721
+ "displayName": "Tenable Nessus",
722
+ "kind": "rollup",
723
+ "visibility": "user"
419
724
  }
420
725
  },
421
726
  "relations": {
@@ -431,7 +736,7 @@
431
736
  "path": "data.cidr"
432
737
  },
433
738
  "defaultMode": "array",
434
- "defaultArrayProperty": "associatedData",
739
+ "defaultArrayProperty": "associatedSubnetsSnapshots",
435
740
  "targetFields": [
436
741
  "cidr",
437
742
  "networkAddress",
@@ -43,6 +43,12 @@
43
43
  "postfix": "legacy",
44
44
  "collection": "subnets-legacy",
45
45
  "isCanonical": false
46
+ },
47
+ "analysis": {
48
+ "postfix": "analysis",
49
+ "collection": "subnets-analysis",
50
+ "dataRoot": "data",
51
+ "isCanonical": false
46
52
  }
47
53
  },
48
54
  "rootProperties": {
@@ -279,6 +285,100 @@
279
285
  "item": true,
280
286
  "valueType": "string"
281
287
  },
288
+ "assetsCount": {
289
+ "label": "Assets #",
290
+ "source": {
291
+ "contentType": "snapshots",
292
+ "path": "analytics.assets.total"
293
+ },
294
+ "humanReadable": true,
295
+ "sortable": true,
296
+ "filterable": true,
297
+ "list": true,
298
+ "item": true,
299
+ "valueType": "number",
300
+ "format": "count"
301
+ },
302
+ "findingsCount": {
303
+ "label": "Findings #",
304
+ "source": {
305
+ "contentType": "snapshots",
306
+ "path": "analytics.findings.total"
307
+ },
308
+ "humanReadable": true,
309
+ "sortable": true,
310
+ "filterable": true,
311
+ "list": true,
312
+ "item": true,
313
+ "valueType": "number",
314
+ "format": "count"
315
+ },
316
+ "vulnerabilitiesCount": {
317
+ "label": "Vulnerabilities #",
318
+ "source": {
319
+ "contentType": "snapshots",
320
+ "path": "analytics.vulnerabilities.total"
321
+ },
322
+ "humanReadable": true,
323
+ "sortable": true,
324
+ "filterable": true,
325
+ "list": true,
326
+ "item": true,
327
+ "valueType": "number",
328
+ "format": "count"
329
+ },
330
+ "criticalVulnerabilities": {
331
+ "label": "Critical Vulnerabilities",
332
+ "source": {
333
+ "contentType": "snapshots",
334
+ "path": "analytics.vulnerabilities.critical"
335
+ },
336
+ "humanReadable": true,
337
+ "sortable": true,
338
+ "filterable": true,
339
+ "list": true,
340
+ "item": true,
341
+ "valueType": "number"
342
+ },
343
+ "highVulnerabilities": {
344
+ "label": "High Vulnerabilities",
345
+ "source": {
346
+ "contentType": "snapshots",
347
+ "path": "analytics.vulnerabilities.high"
348
+ },
349
+ "humanReadable": true,
350
+ "sortable": true,
351
+ "filterable": true,
352
+ "list": true,
353
+ "item": true,
354
+ "valueType": "number"
355
+ },
356
+ "mediumVulnerabilities": {
357
+ "label": "Medium Vulnerabilities",
358
+ "source": {
359
+ "contentType": "snapshots",
360
+ "path": "analytics.vulnerabilities.medium"
361
+ },
362
+ "humanReadable": true,
363
+ "sortable": true,
364
+ "filterable": true,
365
+ "list": true,
366
+ "item": true,
367
+ "valueType": "number"
368
+ },
369
+ "lowVulnerabilities": {
370
+ "label": "Low Vulnerabilities",
371
+ "source": {
372
+ "contentType": "snapshots",
373
+ "path": "analytics.vulnerabilities.low"
374
+ },
375
+ "humanReadable": true,
376
+ "sortable": true,
377
+ "filterable": true,
378
+ "list": true,
379
+ "item": true,
380
+ "valueType": "number"
381
+ },
282
382
  "quarantineReason": {
283
383
  "label": "Quarantine Reason",
284
384
  "source": {
@@ -291,11 +391,75 @@
291
391
  "list": false,
292
392
  "item": true,
293
393
  "valueType": "string"
394
+ },
395
+ "analysisOverview": {
396
+ "label": "Overview",
397
+ "source": { "contentType": "analysis", "path": "data.overview" },
398
+ "humanReadable": false,
399
+ "list": false,
400
+ "item": true,
401
+ "valueType": "object"
402
+ },
403
+ "analysisOverviewSummary": {
404
+ "label": "Overview Summary",
405
+ "source": { "contentType": "analysis", "path": "data.overview.summary" },
406
+ "humanReadable": true,
407
+ "list": true,
408
+ "item": true,
409
+ "valueType": "string"
410
+ },
411
+ "analysisRole": {
412
+ "label": "Role",
413
+ "source": { "contentType": "analysis", "path": "data.cyberRoleInterpretation" },
414
+ "humanReadable": false,
415
+ "list": false,
416
+ "item": true,
417
+ "valueType": "object"
418
+ },
419
+ "analysisExposure": {
420
+ "label": "Exposure",
421
+ "source": { "contentType": "analysis", "path": "data.externalAndLowerTrustReachability" },
422
+ "humanReadable": false,
423
+ "list": false,
424
+ "item": true,
425
+ "valueType": "object"
426
+ },
427
+ "analysisTrust": {
428
+ "label": "Trust",
429
+ "source": { "contentType": "analysis", "path": "data.trustPositionInterpretation" },
430
+ "humanReadable": false,
431
+ "list": false,
432
+ "item": true,
433
+ "valueType": "object"
434
+ },
435
+ "analysisAttackPath": {
436
+ "label": "Attack Path",
437
+ "source": { "contentType": "analysis", "path": "data.possibleAttackPathAnalysis" },
438
+ "humanReadable": false,
439
+ "list": false,
440
+ "item": true,
441
+ "valueType": "object"
442
+ },
443
+ "analysisMovement": {
444
+ "label": "Movement",
445
+ "source": { "contentType": "analysis", "path": "data.outboundAndBlastPathInterpretation" },
446
+ "humanReadable": false,
447
+ "list": false,
448
+ "item": true,
449
+ "valueType": "object"
450
+ },
451
+ "analysisContext": {
452
+ "label": "Context",
453
+ "source": { "contentType": "analysis", "path": "data.aggregateContextInterpretation" },
454
+ "humanReadable": false,
455
+ "list": false,
456
+ "item": true,
457
+ "valueType": "object"
294
458
  }
295
459
  },
296
460
  "associatedProperties": [
297
461
  {
298
- "name": "associatedChildren",
462
+ "name": "associatedAssetsSnapshots",
299
463
  "contentType": "snapshots",
300
464
  "kind": "associated",
301
465
  "valueShape": "array<object>",
@@ -305,6 +469,18 @@
305
469
  "managed": true,
306
470
  "refreshRuleKey": "subnets.assets.snapshots.by-cidr",
307
471
  "sourceCollection": "assets-snapshots"
472
+ },
473
+ {
474
+ "name": "associatedTopologyZonesAnalysis",
475
+ "contentType": "snapshots",
476
+ "kind": "associated",
477
+ "valueShape": "array<object>",
478
+ "linkedObjectType": "topology-zones",
479
+ "linkedContentType": "analysis",
480
+ "description": "Zone cyber-analysis joined from subnet data.zone to topology-zones-analysis.data.name.",
481
+ "managed": true,
482
+ "refreshRuleKey": "subnets.topology-zones.analysis.by-zone-name",
483
+ "sourceCollection": "topology-zones-analysis"
308
484
  }
309
485
  ],
310
486
  "processing": {
@@ -325,6 +501,33 @@
325
501
  }
326
502
  }
327
503
  ],
504
+ "resolvers": [
505
+ {
506
+ "processorId": "subnets.subnet-key",
507
+ "resolverType": "subnet-key",
508
+ "kind": "function",
509
+ "config": {
510
+ "mode": "from-cidr",
511
+ "sourcePath": "data.cidr"
512
+ }
513
+ },
514
+ {
515
+ "processorId": "subnets.zone-from-topology",
516
+ "resolverType": "zone-from-topology",
517
+ "kind": "function",
518
+ "config": {
519
+ "onlyWhenZoneIs": "UNKNOWN",
520
+ "topologyRaw": {
521
+ "db": "memorix-knowledge",
522
+ "collection": "topology-raw"
523
+ },
524
+ "zonesRegistry": {
525
+ "db": "neo-memorix-entities",
526
+ "collection": "topology-zones-snapshots"
527
+ }
528
+ }
529
+ }
530
+ ],
328
531
  "insightStages": [
329
532
  {
330
533
  "processorId": "network.cidr-topology-path-resolver",
@@ -350,7 +553,9 @@
350
553
  ],
351
554
  "associatedContent": {
352
555
  "rollParentSnapshots": true,
353
- "excludePostfixes": ["raw"]
556
+ "excludePostfixes": [
557
+ "raw"
558
+ ]
354
559
  }
355
560
  },
356
561
  "relations": {}