@x12i/memorix-retrieval 1.31.0 → 1.32.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/catalox-seeds/inputs/entity-descriptors/assets.json +312 -7
- package/catalox-seeds/inputs/entity-descriptors/subnets.json +207 -2
- package/catalox-seeds/inputs/entity-descriptors/topology-zones.json +85 -0
- package/catalox-seeds/inputs/entity-descriptors/vulnerabilities-groups.json +255 -0
- package/catalox-seeds/inputs/entity-descriptors/vulnerabilities.json +294 -10
- package/catalox-seeds/inputs/item-descriptors/asset-detail-item.json +63 -14
- package/catalox-seeds/inputs/item-descriptors/subnet-detail-item.json +51 -17
- package/catalox-seeds/inputs/item-descriptors/vulnerabilities-group-detail-item.json +97 -0
- package/catalox-seeds/inputs/item-descriptors/vulnerability-detail-item.json +44 -40
- package/catalox-seeds/inputs/item-descriptors/vulnerability-observation-detail-item.json +42 -0
- package/catalox-seeds/inputs/list-descriptors/assets-exploitability-decisions-list.json +33 -0
- package/catalox-seeds/inputs/list-descriptors/assets-main-list.json +56 -2
- package/catalox-seeds/inputs/list-descriptors/assets-potential-impact-decisions-list.json +31 -0
- package/catalox-seeds/inputs/list-descriptors/subnets-main-list.json +107 -3
- package/catalox-seeds/inputs/list-descriptors/vulnerabilities-exploitability-analysis-list.json +29 -0
- package/catalox-seeds/inputs/list-descriptors/vulnerabilities-groups-main-list.json +98 -0
- package/catalox-seeds/inputs/list-descriptors/vulnerabilities-main-list.json +7 -1
- package/catalox-seeds/inputs/list-descriptors/vulnerabilities-observations-list.json +43 -0
- package/catalox-seeds/inputs/list-descriptors/vulnerabilities-triage-analysis-list.json +30 -0
- package/catalox-seeds/inputs/list-descriptors/vulnerable-assets-list.json +102 -0
- package/catalox-seeds/memorix-retrieval-descriptors.manifest.json +2512 -367
- package/dist/descriptors/descriptor-types.d.ts +38 -0
- package/dist/descriptors/descriptor-types.d.ts.map +1 -1
- package/dist/descriptors/validate-descriptor.d.ts +1 -0
- package/dist/descriptors/validate-descriptor.d.ts.map +1 -1
- package/dist/descriptors/validate-descriptor.js +27 -0
- package/dist/descriptors/validate-descriptor.js.map +1 -1
- package/dist/explorer/collection-records.d.ts.map +1 -1
- package/dist/explorer/collection-records.js +22 -2
- package/dist/explorer/collection-records.js.map +1 -1
- package/dist/explorer/raw-collection-records.d.ts +2 -0
- package/dist/explorer/raw-collection-records.d.ts.map +1 -1
- package/dist/explorer/raw-collection-records.js +1 -1
- package/dist/explorer/raw-collection-records.js.map +1 -1
- package/dist/index.d.ts +3 -2
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +2 -1
- package/dist/index.js.map +1 -1
- package/dist/mongo/env.d.ts +17 -0
- package/dist/mongo/env.d.ts.map +1 -1
- package/dist/mongo/env.js +73 -0
- package/dist/mongo/env.js.map +1 -1
- package/dist/retrieval/fetch-list.d.ts.map +1 -1
- package/dist/retrieval/fetch-list.js +3 -1
- package/dist/retrieval/fetch-list.js.map +1 -1
- package/dist/retrieval/fetch-narratives.d.ts +8 -0
- package/dist/retrieval/fetch-narratives.d.ts.map +1 -1
- package/dist/retrieval/fetch-narratives.js +39 -9
- package/dist/retrieval/fetch-narratives.js.map +1 -1
- package/dist/retrieval/narrative-list-filters.d.ts +30 -0
- package/dist/retrieval/narrative-list-filters.d.ts.map +1 -0
- package/dist/retrieval/narrative-list-filters.js +179 -0
- package/dist/retrieval/narrative-list-filters.js.map +1 -0
- package/dist/retrieval/resolve-filters.d.ts +11 -1
- package/dist/retrieval/resolve-filters.d.ts.map +1 -1
- package/dist/retrieval/resolve-filters.js +34 -7
- package/dist/retrieval/resolve-filters.js.map +1 -1
- package/dist/seeds/default-seed-spec.d.ts.map +1 -1
- package/dist/seeds/default-seed-spec.js +9 -0
- package/dist/seeds/default-seed-spec.js.map +1 -1
- package/dist/tests/resolve-filters.test.js +81 -4
- package/dist/tests/resolve-filters.test.js.map +1 -1
- package/docs/MEMORIX-CATALOX-CONTRACTS.md +2 -0
- package/package.json +5 -5
|
@@ -41,6 +41,18 @@
|
|
|
41
41
|
"collection": "assets-scoped",
|
|
42
42
|
"dataRoot": "data",
|
|
43
43
|
"isCanonical": false
|
|
44
|
+
},
|
|
45
|
+
"analysis": {
|
|
46
|
+
"postfix": "analysis",
|
|
47
|
+
"collection": "assets-analysis",
|
|
48
|
+
"dataRoot": "data",
|
|
49
|
+
"isCanonical": false
|
|
50
|
+
},
|
|
51
|
+
"decisions": {
|
|
52
|
+
"postfix": "decision",
|
|
53
|
+
"collection": "assets-decision",
|
|
54
|
+
"dataRoot": "data",
|
|
55
|
+
"isCanonical": false
|
|
44
56
|
}
|
|
45
57
|
},
|
|
46
58
|
"properties": {
|
|
@@ -213,6 +225,20 @@
|
|
|
213
225
|
"item": true,
|
|
214
226
|
"valueType": "number"
|
|
215
227
|
},
|
|
228
|
+
"findingsCount": {
|
|
229
|
+
"label": "Findings",
|
|
230
|
+
"source": {
|
|
231
|
+
"contentType": "snapshots",
|
|
232
|
+
"path": "analytics.findings.total"
|
|
233
|
+
},
|
|
234
|
+
"humanReadable": true,
|
|
235
|
+
"sortable": true,
|
|
236
|
+
"filterable": true,
|
|
237
|
+
"list": true,
|
|
238
|
+
"item": true,
|
|
239
|
+
"valueType": "number",
|
|
240
|
+
"format": "count"
|
|
241
|
+
},
|
|
216
242
|
"potentialImpactLevel": {
|
|
217
243
|
"label": "Potential Impact",
|
|
218
244
|
"source": {
|
|
@@ -277,11 +303,146 @@
|
|
|
277
303
|
"list": false,
|
|
278
304
|
"item": true,
|
|
279
305
|
"valueType": "object"
|
|
306
|
+
},
|
|
307
|
+
"observedUsers": {
|
|
308
|
+
"label": "Users",
|
|
309
|
+
"source": {
|
|
310
|
+
"contentType": "snapshots",
|
|
311
|
+
"path": "data.observedUsers"
|
|
312
|
+
},
|
|
313
|
+
"humanReadable": true,
|
|
314
|
+
"sortable": false,
|
|
315
|
+
"filterable": true,
|
|
316
|
+
"list": true,
|
|
317
|
+
"item": true,
|
|
318
|
+
"valueType": "array"
|
|
319
|
+
},
|
|
320
|
+
"analysisBriefSummary": {
|
|
321
|
+
"label": "Brief Summary",
|
|
322
|
+
"source": { "contentType": "analysis", "path": "data.brief.summary" },
|
|
323
|
+
"humanReadable": true,
|
|
324
|
+
"list": true,
|
|
325
|
+
"item": true,
|
|
326
|
+
"valueType": "string"
|
|
327
|
+
},
|
|
328
|
+
"analysisBriefTakeaway": {
|
|
329
|
+
"label": "Brief Takeaway",
|
|
330
|
+
"source": { "contentType": "analysis", "path": "data.brief.takeaway" },
|
|
331
|
+
"humanReadable": true,
|
|
332
|
+
"list": false,
|
|
333
|
+
"item": true,
|
|
334
|
+
"valueType": "string"
|
|
335
|
+
},
|
|
336
|
+
"analysisBriefConfidence": {
|
|
337
|
+
"label": "Brief Confidence",
|
|
338
|
+
"source": { "contentType": "analysis", "path": "data.brief.confidence" },
|
|
339
|
+
"humanReadable": true,
|
|
340
|
+
"list": false,
|
|
341
|
+
"item": true,
|
|
342
|
+
"valueType": "string"
|
|
343
|
+
},
|
|
344
|
+
"analysisContext": {
|
|
345
|
+
"label": "Context",
|
|
346
|
+
"source": { "contentType": "analysis", "path": "data.context" },
|
|
347
|
+
"humanReadable": false,
|
|
348
|
+
"list": false,
|
|
349
|
+
"item": true,
|
|
350
|
+
"valueType": "object"
|
|
351
|
+
},
|
|
352
|
+
"analysisReachability": {
|
|
353
|
+
"label": "Reachability",
|
|
354
|
+
"source": { "contentType": "analysis", "path": "data.reachability" },
|
|
355
|
+
"humanReadable": false,
|
|
356
|
+
"list": false,
|
|
357
|
+
"item": true,
|
|
358
|
+
"valueType": "object"
|
|
359
|
+
},
|
|
360
|
+
"analysisPaths": {
|
|
361
|
+
"label": "Paths",
|
|
362
|
+
"source": { "contentType": "analysis", "path": "data.paths" },
|
|
363
|
+
"humanReadable": false,
|
|
364
|
+
"list": false,
|
|
365
|
+
"item": true,
|
|
366
|
+
"valueType": "object"
|
|
367
|
+
},
|
|
368
|
+
"attackPathExistence": {
|
|
369
|
+
"label": "Attack Path Existence",
|
|
370
|
+
"source": { "contentType": "analysis", "path": "data.paths.attackPathExistence" },
|
|
371
|
+
"humanReadable": true,
|
|
372
|
+
"sortable": true,
|
|
373
|
+
"filterable": true,
|
|
374
|
+
"list": true,
|
|
375
|
+
"item": true,
|
|
376
|
+
"valueType": "string"
|
|
377
|
+
},
|
|
378
|
+
"decisionOverviewSummary": {
|
|
379
|
+
"label": "Decision Summary",
|
|
380
|
+
"source": { "contentType": "decisions", "path": "data.overview.summary" },
|
|
381
|
+
"humanReadable": true,
|
|
382
|
+
"list": true,
|
|
383
|
+
"item": true,
|
|
384
|
+
"valueType": "string"
|
|
385
|
+
},
|
|
386
|
+
"decisionOverviewDetailedAnalysis": {
|
|
387
|
+
"label": "Decision Detailed Analysis",
|
|
388
|
+
"source": { "contentType": "decisions", "path": "data.overview.detailedAnalysis" },
|
|
389
|
+
"humanReadable": true,
|
|
390
|
+
"list": true,
|
|
391
|
+
"item": true,
|
|
392
|
+
"valueType": "string"
|
|
393
|
+
},
|
|
394
|
+
"decisionExploitability": {
|
|
395
|
+
"label": "Exploitability Analysis",
|
|
396
|
+
"source": { "contentType": "decisions", "path": "data.exploitability" },
|
|
397
|
+
"humanReadable": false,
|
|
398
|
+
"list": false,
|
|
399
|
+
"item": true,
|
|
400
|
+
"valueType": "object"
|
|
401
|
+
},
|
|
402
|
+
"decisionLabel": {
|
|
403
|
+
"label": "Decision",
|
|
404
|
+
"source": { "contentType": "decisions", "path": "data.decision.decision" },
|
|
405
|
+
"humanReadable": true,
|
|
406
|
+
"sortable": true,
|
|
407
|
+
"filterable": true,
|
|
408
|
+
"list": true,
|
|
409
|
+
"item": true,
|
|
410
|
+
"valueType": "string"
|
|
411
|
+
},
|
|
412
|
+
"decisionStatus": {
|
|
413
|
+
"label": "Decision Status",
|
|
414
|
+
"source": { "contentType": "decisions", "path": "data.decision.status" },
|
|
415
|
+
"humanReadable": true,
|
|
416
|
+
"sortable": true,
|
|
417
|
+
"filterable": true,
|
|
418
|
+
"list": true,
|
|
419
|
+
"item": true,
|
|
420
|
+
"valueType": "string"
|
|
421
|
+
},
|
|
422
|
+
"decisionRiskScore": {
|
|
423
|
+
"label": "Decision Score",
|
|
424
|
+
"source": { "contentType": "decisions", "path": "data.decision.riskScore" },
|
|
425
|
+
"humanReadable": true,
|
|
426
|
+
"sortable": true,
|
|
427
|
+
"filterable": true,
|
|
428
|
+
"list": true,
|
|
429
|
+
"item": true,
|
|
430
|
+
"valueType": "number"
|
|
431
|
+
},
|
|
432
|
+
"decisionUrgencyScore": {
|
|
433
|
+
"label": "Urgency Score",
|
|
434
|
+
"source": { "contentType": "decisions", "path": "data.decision.urgencyScore" },
|
|
435
|
+
"humanReadable": true,
|
|
436
|
+
"sortable": true,
|
|
437
|
+
"filterable": true,
|
|
438
|
+
"list": true,
|
|
439
|
+
"item": true,
|
|
440
|
+
"valueType": "number"
|
|
280
441
|
}
|
|
281
442
|
},
|
|
282
443
|
"associatedProperties": [
|
|
283
444
|
{
|
|
284
|
-
"name": "
|
|
445
|
+
"name": "associatedSubnetsSnapshots",
|
|
285
446
|
"contentType": "snapshots",
|
|
286
447
|
"kind": "associated",
|
|
287
448
|
"valueShape": "array<object>",
|
|
@@ -293,7 +454,7 @@
|
|
|
293
454
|
"sourceCollection": "subnets-snapshots"
|
|
294
455
|
},
|
|
295
456
|
{
|
|
296
|
-
"name": "
|
|
457
|
+
"name": "associatedSubnetsDiscovery",
|
|
297
458
|
"contentType": "snapshots",
|
|
298
459
|
"kind": "associated",
|
|
299
460
|
"valueShape": "array<object>",
|
|
@@ -305,7 +466,7 @@
|
|
|
305
466
|
"sourceCollection": "subnets-discovery"
|
|
306
467
|
},
|
|
307
468
|
{
|
|
308
|
-
"name": "
|
|
469
|
+
"name": "associatedAssetsSnapshots",
|
|
309
470
|
"contentType": "snapshots",
|
|
310
471
|
"kind": "associated",
|
|
311
472
|
"valueShape": "array<object>",
|
|
@@ -329,7 +490,7 @@
|
|
|
329
490
|
"sourceCollection": "subnets-snapshots"
|
|
330
491
|
},
|
|
331
492
|
{
|
|
332
|
-
"name": "
|
|
493
|
+
"name": "associatedSubnetsSnapshots",
|
|
333
494
|
"contentType": "snapshots",
|
|
334
495
|
"kind": "associated",
|
|
335
496
|
"valueShape": "array<object>",
|
|
@@ -363,6 +524,44 @@
|
|
|
363
524
|
"managed": true,
|
|
364
525
|
"refreshRuleKey": "assets.subnets.analysis.explicit.by-cidr",
|
|
365
526
|
"sourceCollection": "subnets-analysis"
|
|
527
|
+
},
|
|
528
|
+
{
|
|
529
|
+
"name": "associatedTopologyZonesAnalysis",
|
|
530
|
+
"contentType": "snapshots",
|
|
531
|
+
"kind": "associated",
|
|
532
|
+
"valueShape": "array<object>",
|
|
533
|
+
"linkedObjectType": "topology-zones",
|
|
534
|
+
"linkedContentType": "analysis",
|
|
535
|
+
"description": "Zone cyber-analysis payloads joined by host data.zones or associatedTopology.zone to topology-zones-analysis.data.name.",
|
|
536
|
+
"managed": true,
|
|
537
|
+
"refreshRuleKey": "assets.topology-zones.analysis.by-zone-name",
|
|
538
|
+
"sourceCollection": "topology-zones-analysis"
|
|
539
|
+
},
|
|
540
|
+
{
|
|
541
|
+
"name": "associatedVulnerabilitiesAnalysis",
|
|
542
|
+
"contentType": "snapshots",
|
|
543
|
+
"kind": "associated",
|
|
544
|
+
"valueShape": "array<object>",
|
|
545
|
+
"linkedObjectType": "vulnerabilities",
|
|
546
|
+
"linkedContentType": "analysis",
|
|
547
|
+
"description": "Vulnerability analysis payloads copied from vulnerabilities-analysis.data after matching vulnerabilities-snapshots by asset IP and resolving content by snapshot recordId.",
|
|
548
|
+
"managed": true,
|
|
549
|
+
"refreshRuleKey": "assets.vulnerabilities.analysis.by-assetIp",
|
|
550
|
+
"sourceCollection": "vulnerabilities-analysis"
|
|
551
|
+
},
|
|
552
|
+
{
|
|
553
|
+
"name": "associatedTopVulnerabilitiesAnalysis",
|
|
554
|
+
"contentType": "snapshots",
|
|
555
|
+
"kind": "associated",
|
|
556
|
+
"valueShape": "array<object>",
|
|
557
|
+
"linkedObjectType": "vulnerabilities",
|
|
558
|
+
"linkedContentType": "analysis",
|
|
559
|
+
"description": "Top vulnerability analysis payloads (default 5), ranked by vulnerabilities-snapshots.data.severity after IP match and content resolve by snapshot recordId. Omitted when empty.",
|
|
560
|
+
"managed": true,
|
|
561
|
+
"top": true,
|
|
562
|
+
"maxItems": 5,
|
|
563
|
+
"refreshRuleKey": "assets.vulnerabilities.analysis.top.by-assetIp",
|
|
564
|
+
"sourceCollection": "vulnerabilities-analysis"
|
|
366
565
|
}
|
|
367
566
|
],
|
|
368
567
|
"processing": {
|
|
@@ -390,32 +589,138 @@
|
|
|
390
589
|
"kind": "function",
|
|
391
590
|
"config": {
|
|
392
591
|
"mode": "resolve",
|
|
393
|
-
"assetIpPaths": [
|
|
592
|
+
"assetIpPaths": [
|
|
593
|
+
"data.assetIps",
|
|
594
|
+
"data.assetIp"
|
|
595
|
+
],
|
|
394
596
|
"canonicalCollection": {
|
|
395
597
|
"db": "neo-memorix-entities",
|
|
396
598
|
"collection": "subnets-snapshots"
|
|
397
599
|
}
|
|
398
600
|
}
|
|
601
|
+
},
|
|
602
|
+
{
|
|
603
|
+
"processorId": "assets.topology-extractor",
|
|
604
|
+
"resolverType": "topology-extractor",
|
|
605
|
+
"kind": "function",
|
|
606
|
+
"config": {
|
|
607
|
+
"mode": "from-associated-data",
|
|
608
|
+
"sourcePaths": [
|
|
609
|
+
"associatedSubnetsSnapshots"
|
|
610
|
+
],
|
|
611
|
+
"outputPath": "associatedTopology"
|
|
612
|
+
}
|
|
399
613
|
}
|
|
400
614
|
],
|
|
401
615
|
"associatedContent": {
|
|
402
616
|
"rollParentSnapshots": true,
|
|
403
|
-
"excludePostfixes": [
|
|
617
|
+
"excludePostfixes": [
|
|
618
|
+
"raw"
|
|
619
|
+
]
|
|
404
620
|
}
|
|
405
621
|
},
|
|
406
622
|
"narratives": {
|
|
407
623
|
"has-vulnerabilities": {
|
|
408
624
|
"label": "Has vulnerabilities",
|
|
625
|
+
"displayName": "Has vulnerabilities",
|
|
409
626
|
"kind": "having-signal",
|
|
627
|
+
"visibility": "user",
|
|
410
628
|
"sourceRef": "assetVulnerabilities",
|
|
411
629
|
"targetEntity": "vulnerabilities"
|
|
412
630
|
},
|
|
413
631
|
"has-medium-vulnerabilities": {
|
|
632
|
+
"label": "Has medium vulnerabilities",
|
|
633
|
+
"displayName": "Medium vulnerabilities",
|
|
414
634
|
"kind": "association-common-property",
|
|
635
|
+
"visibility": "user",
|
|
415
636
|
"sourceRef": "assetVulnerabilities",
|
|
416
637
|
"targetEntity": "vulnerabilities",
|
|
417
638
|
"property": "severity",
|
|
418
639
|
"value": "medium"
|
|
640
|
+
},
|
|
641
|
+
"is-triaged": {
|
|
642
|
+
"label": "Is triaged",
|
|
643
|
+
"displayName": "Triaged",
|
|
644
|
+
"kind": "product-narrative",
|
|
645
|
+
"visibility": "user"
|
|
646
|
+
},
|
|
647
|
+
"has-triage-decision": {
|
|
648
|
+
"label": "Has triage decision",
|
|
649
|
+
"displayName": "Has triage decision",
|
|
650
|
+
"kind": "rollup",
|
|
651
|
+
"visibility": "user"
|
|
652
|
+
},
|
|
653
|
+
"has-no-vulnerabilities": {
|
|
654
|
+
"label": "No vulnerabilities",
|
|
655
|
+
"displayName": "No vulnerabilities",
|
|
656
|
+
"kind": "product-narrative",
|
|
657
|
+
"visibility": "user"
|
|
658
|
+
},
|
|
659
|
+
"has-accept-decision": {
|
|
660
|
+
"label": "Accept",
|
|
661
|
+
"displayName": "Accept Risk",
|
|
662
|
+
"kind": "rollup",
|
|
663
|
+
"visibility": "user"
|
|
664
|
+
},
|
|
665
|
+
"has-mitigate-decision": {
|
|
666
|
+
"label": "Mitigate",
|
|
667
|
+
"displayName": "Mitigate",
|
|
668
|
+
"kind": "rollup",
|
|
669
|
+
"visibility": "user"
|
|
670
|
+
},
|
|
671
|
+
"has-high-or-critical-exploitability": {
|
|
672
|
+
"label": "High or critical exploitability",
|
|
673
|
+
"displayName": "High exploitability",
|
|
674
|
+
"kind": "rollup",
|
|
675
|
+
"visibility": "user"
|
|
676
|
+
},
|
|
677
|
+
"has-lateral-movement-risk": {
|
|
678
|
+
"label": "Lateral movement risk",
|
|
679
|
+
"displayName": "Lateral movement risk",
|
|
680
|
+
"kind": "rollup",
|
|
681
|
+
"visibility": "user"
|
|
682
|
+
},
|
|
683
|
+
"has-critical-predicted-impact": {
|
|
684
|
+
"label": "Critical predicted impact",
|
|
685
|
+
"displayName": "Critical impact",
|
|
686
|
+
"kind": "rollup",
|
|
687
|
+
"visibility": "user"
|
|
688
|
+
},
|
|
689
|
+
"has-high-predicted-impact": {
|
|
690
|
+
"label": "High predicted impact",
|
|
691
|
+
"displayName": "High impact",
|
|
692
|
+
"kind": "rollup",
|
|
693
|
+
"visibility": "user"
|
|
694
|
+
},
|
|
695
|
+
"has-medium-predicted-impact": {
|
|
696
|
+
"label": "Medium predicted impact",
|
|
697
|
+
"displayName": "Medium impact",
|
|
698
|
+
"kind": "rollup",
|
|
699
|
+
"visibility": "user"
|
|
700
|
+
},
|
|
701
|
+
"has-low-predicted-impact": {
|
|
702
|
+
"label": "Low predicted impact",
|
|
703
|
+
"displayName": "Low impact",
|
|
704
|
+
"kind": "rollup",
|
|
705
|
+
"visibility": "user"
|
|
706
|
+
},
|
|
707
|
+
"has-palo-alto-firewall-source": {
|
|
708
|
+
"label": "Palo Alto Firewall",
|
|
709
|
+
"displayName": "Palo Alto Firewall",
|
|
710
|
+
"kind": "rollup",
|
|
711
|
+
"visibility": "user"
|
|
712
|
+
},
|
|
713
|
+
"has-palo-alto-xdr-source": {
|
|
714
|
+
"label": "Palo Alto XDR",
|
|
715
|
+
"displayName": "Palo Alto XDR",
|
|
716
|
+
"kind": "rollup",
|
|
717
|
+
"visibility": "user"
|
|
718
|
+
},
|
|
719
|
+
"has-tenable-nessus-source": {
|
|
720
|
+
"label": "Tenable Nessus",
|
|
721
|
+
"displayName": "Tenable Nessus",
|
|
722
|
+
"kind": "rollup",
|
|
723
|
+
"visibility": "user"
|
|
419
724
|
}
|
|
420
725
|
},
|
|
421
726
|
"relations": {
|
|
@@ -431,7 +736,7 @@
|
|
|
431
736
|
"path": "data.cidr"
|
|
432
737
|
},
|
|
433
738
|
"defaultMode": "array",
|
|
434
|
-
"defaultArrayProperty": "
|
|
739
|
+
"defaultArrayProperty": "associatedSubnetsSnapshots",
|
|
435
740
|
"targetFields": [
|
|
436
741
|
"cidr",
|
|
437
742
|
"networkAddress",
|
|
@@ -43,6 +43,12 @@
|
|
|
43
43
|
"postfix": "legacy",
|
|
44
44
|
"collection": "subnets-legacy",
|
|
45
45
|
"isCanonical": false
|
|
46
|
+
},
|
|
47
|
+
"analysis": {
|
|
48
|
+
"postfix": "analysis",
|
|
49
|
+
"collection": "subnets-analysis",
|
|
50
|
+
"dataRoot": "data",
|
|
51
|
+
"isCanonical": false
|
|
46
52
|
}
|
|
47
53
|
},
|
|
48
54
|
"rootProperties": {
|
|
@@ -279,6 +285,100 @@
|
|
|
279
285
|
"item": true,
|
|
280
286
|
"valueType": "string"
|
|
281
287
|
},
|
|
288
|
+
"assetsCount": {
|
|
289
|
+
"label": "Assets #",
|
|
290
|
+
"source": {
|
|
291
|
+
"contentType": "snapshots",
|
|
292
|
+
"path": "analytics.assets.total"
|
|
293
|
+
},
|
|
294
|
+
"humanReadable": true,
|
|
295
|
+
"sortable": true,
|
|
296
|
+
"filterable": true,
|
|
297
|
+
"list": true,
|
|
298
|
+
"item": true,
|
|
299
|
+
"valueType": "number",
|
|
300
|
+
"format": "count"
|
|
301
|
+
},
|
|
302
|
+
"findingsCount": {
|
|
303
|
+
"label": "Findings #",
|
|
304
|
+
"source": {
|
|
305
|
+
"contentType": "snapshots",
|
|
306
|
+
"path": "analytics.findings.total"
|
|
307
|
+
},
|
|
308
|
+
"humanReadable": true,
|
|
309
|
+
"sortable": true,
|
|
310
|
+
"filterable": true,
|
|
311
|
+
"list": true,
|
|
312
|
+
"item": true,
|
|
313
|
+
"valueType": "number",
|
|
314
|
+
"format": "count"
|
|
315
|
+
},
|
|
316
|
+
"vulnerabilitiesCount": {
|
|
317
|
+
"label": "Vulnerabilities #",
|
|
318
|
+
"source": {
|
|
319
|
+
"contentType": "snapshots",
|
|
320
|
+
"path": "analytics.vulnerabilities.total"
|
|
321
|
+
},
|
|
322
|
+
"humanReadable": true,
|
|
323
|
+
"sortable": true,
|
|
324
|
+
"filterable": true,
|
|
325
|
+
"list": true,
|
|
326
|
+
"item": true,
|
|
327
|
+
"valueType": "number",
|
|
328
|
+
"format": "count"
|
|
329
|
+
},
|
|
330
|
+
"criticalVulnerabilities": {
|
|
331
|
+
"label": "Critical Vulnerabilities",
|
|
332
|
+
"source": {
|
|
333
|
+
"contentType": "snapshots",
|
|
334
|
+
"path": "analytics.vulnerabilities.critical"
|
|
335
|
+
},
|
|
336
|
+
"humanReadable": true,
|
|
337
|
+
"sortable": true,
|
|
338
|
+
"filterable": true,
|
|
339
|
+
"list": true,
|
|
340
|
+
"item": true,
|
|
341
|
+
"valueType": "number"
|
|
342
|
+
},
|
|
343
|
+
"highVulnerabilities": {
|
|
344
|
+
"label": "High Vulnerabilities",
|
|
345
|
+
"source": {
|
|
346
|
+
"contentType": "snapshots",
|
|
347
|
+
"path": "analytics.vulnerabilities.high"
|
|
348
|
+
},
|
|
349
|
+
"humanReadable": true,
|
|
350
|
+
"sortable": true,
|
|
351
|
+
"filterable": true,
|
|
352
|
+
"list": true,
|
|
353
|
+
"item": true,
|
|
354
|
+
"valueType": "number"
|
|
355
|
+
},
|
|
356
|
+
"mediumVulnerabilities": {
|
|
357
|
+
"label": "Medium Vulnerabilities",
|
|
358
|
+
"source": {
|
|
359
|
+
"contentType": "snapshots",
|
|
360
|
+
"path": "analytics.vulnerabilities.medium"
|
|
361
|
+
},
|
|
362
|
+
"humanReadable": true,
|
|
363
|
+
"sortable": true,
|
|
364
|
+
"filterable": true,
|
|
365
|
+
"list": true,
|
|
366
|
+
"item": true,
|
|
367
|
+
"valueType": "number"
|
|
368
|
+
},
|
|
369
|
+
"lowVulnerabilities": {
|
|
370
|
+
"label": "Low Vulnerabilities",
|
|
371
|
+
"source": {
|
|
372
|
+
"contentType": "snapshots",
|
|
373
|
+
"path": "analytics.vulnerabilities.low"
|
|
374
|
+
},
|
|
375
|
+
"humanReadable": true,
|
|
376
|
+
"sortable": true,
|
|
377
|
+
"filterable": true,
|
|
378
|
+
"list": true,
|
|
379
|
+
"item": true,
|
|
380
|
+
"valueType": "number"
|
|
381
|
+
},
|
|
282
382
|
"quarantineReason": {
|
|
283
383
|
"label": "Quarantine Reason",
|
|
284
384
|
"source": {
|
|
@@ -291,11 +391,75 @@
|
|
|
291
391
|
"list": false,
|
|
292
392
|
"item": true,
|
|
293
393
|
"valueType": "string"
|
|
394
|
+
},
|
|
395
|
+
"analysisOverview": {
|
|
396
|
+
"label": "Overview",
|
|
397
|
+
"source": { "contentType": "analysis", "path": "data.overview" },
|
|
398
|
+
"humanReadable": false,
|
|
399
|
+
"list": false,
|
|
400
|
+
"item": true,
|
|
401
|
+
"valueType": "object"
|
|
402
|
+
},
|
|
403
|
+
"analysisOverviewSummary": {
|
|
404
|
+
"label": "Overview Summary",
|
|
405
|
+
"source": { "contentType": "analysis", "path": "data.overview.summary" },
|
|
406
|
+
"humanReadable": true,
|
|
407
|
+
"list": true,
|
|
408
|
+
"item": true,
|
|
409
|
+
"valueType": "string"
|
|
410
|
+
},
|
|
411
|
+
"analysisRole": {
|
|
412
|
+
"label": "Role",
|
|
413
|
+
"source": { "contentType": "analysis", "path": "data.cyberRoleInterpretation" },
|
|
414
|
+
"humanReadable": false,
|
|
415
|
+
"list": false,
|
|
416
|
+
"item": true,
|
|
417
|
+
"valueType": "object"
|
|
418
|
+
},
|
|
419
|
+
"analysisExposure": {
|
|
420
|
+
"label": "Exposure",
|
|
421
|
+
"source": { "contentType": "analysis", "path": "data.externalAndLowerTrustReachability" },
|
|
422
|
+
"humanReadable": false,
|
|
423
|
+
"list": false,
|
|
424
|
+
"item": true,
|
|
425
|
+
"valueType": "object"
|
|
426
|
+
},
|
|
427
|
+
"analysisTrust": {
|
|
428
|
+
"label": "Trust",
|
|
429
|
+
"source": { "contentType": "analysis", "path": "data.trustPositionInterpretation" },
|
|
430
|
+
"humanReadable": false,
|
|
431
|
+
"list": false,
|
|
432
|
+
"item": true,
|
|
433
|
+
"valueType": "object"
|
|
434
|
+
},
|
|
435
|
+
"analysisAttackPath": {
|
|
436
|
+
"label": "Attack Path",
|
|
437
|
+
"source": { "contentType": "analysis", "path": "data.possibleAttackPathAnalysis" },
|
|
438
|
+
"humanReadable": false,
|
|
439
|
+
"list": false,
|
|
440
|
+
"item": true,
|
|
441
|
+
"valueType": "object"
|
|
442
|
+
},
|
|
443
|
+
"analysisMovement": {
|
|
444
|
+
"label": "Movement",
|
|
445
|
+
"source": { "contentType": "analysis", "path": "data.outboundAndBlastPathInterpretation" },
|
|
446
|
+
"humanReadable": false,
|
|
447
|
+
"list": false,
|
|
448
|
+
"item": true,
|
|
449
|
+
"valueType": "object"
|
|
450
|
+
},
|
|
451
|
+
"analysisContext": {
|
|
452
|
+
"label": "Context",
|
|
453
|
+
"source": { "contentType": "analysis", "path": "data.aggregateContextInterpretation" },
|
|
454
|
+
"humanReadable": false,
|
|
455
|
+
"list": false,
|
|
456
|
+
"item": true,
|
|
457
|
+
"valueType": "object"
|
|
294
458
|
}
|
|
295
459
|
},
|
|
296
460
|
"associatedProperties": [
|
|
297
461
|
{
|
|
298
|
-
"name": "
|
|
462
|
+
"name": "associatedAssetsSnapshots",
|
|
299
463
|
"contentType": "snapshots",
|
|
300
464
|
"kind": "associated",
|
|
301
465
|
"valueShape": "array<object>",
|
|
@@ -305,6 +469,18 @@
|
|
|
305
469
|
"managed": true,
|
|
306
470
|
"refreshRuleKey": "subnets.assets.snapshots.by-cidr",
|
|
307
471
|
"sourceCollection": "assets-snapshots"
|
|
472
|
+
},
|
|
473
|
+
{
|
|
474
|
+
"name": "associatedTopologyZonesAnalysis",
|
|
475
|
+
"contentType": "snapshots",
|
|
476
|
+
"kind": "associated",
|
|
477
|
+
"valueShape": "array<object>",
|
|
478
|
+
"linkedObjectType": "topology-zones",
|
|
479
|
+
"linkedContentType": "analysis",
|
|
480
|
+
"description": "Zone cyber-analysis joined from subnet data.zone to topology-zones-analysis.data.name.",
|
|
481
|
+
"managed": true,
|
|
482
|
+
"refreshRuleKey": "subnets.topology-zones.analysis.by-zone-name",
|
|
483
|
+
"sourceCollection": "topology-zones-analysis"
|
|
308
484
|
}
|
|
309
485
|
],
|
|
310
486
|
"processing": {
|
|
@@ -325,6 +501,33 @@
|
|
|
325
501
|
}
|
|
326
502
|
}
|
|
327
503
|
],
|
|
504
|
+
"resolvers": [
|
|
505
|
+
{
|
|
506
|
+
"processorId": "subnets.subnet-key",
|
|
507
|
+
"resolverType": "subnet-key",
|
|
508
|
+
"kind": "function",
|
|
509
|
+
"config": {
|
|
510
|
+
"mode": "from-cidr",
|
|
511
|
+
"sourcePath": "data.cidr"
|
|
512
|
+
}
|
|
513
|
+
},
|
|
514
|
+
{
|
|
515
|
+
"processorId": "subnets.zone-from-topology",
|
|
516
|
+
"resolverType": "zone-from-topology",
|
|
517
|
+
"kind": "function",
|
|
518
|
+
"config": {
|
|
519
|
+
"onlyWhenZoneIs": "UNKNOWN",
|
|
520
|
+
"topologyRaw": {
|
|
521
|
+
"db": "memorix-knowledge",
|
|
522
|
+
"collection": "topology-raw"
|
|
523
|
+
},
|
|
524
|
+
"zonesRegistry": {
|
|
525
|
+
"db": "neo-memorix-entities",
|
|
526
|
+
"collection": "topology-zones-snapshots"
|
|
527
|
+
}
|
|
528
|
+
}
|
|
529
|
+
}
|
|
530
|
+
],
|
|
328
531
|
"insightStages": [
|
|
329
532
|
{
|
|
330
533
|
"processorId": "network.cidr-topology-path-resolver",
|
|
@@ -350,7 +553,9 @@
|
|
|
350
553
|
],
|
|
351
554
|
"associatedContent": {
|
|
352
555
|
"rollParentSnapshots": true,
|
|
353
|
-
"excludePostfixes": [
|
|
556
|
+
"excludePostfixes": [
|
|
557
|
+
"raw"
|
|
558
|
+
]
|
|
354
559
|
}
|
|
355
560
|
},
|
|
356
561
|
"relations": {}
|