@x12i/memorix-retrieval 1.31.0 → 1.32.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/catalox-seeds/inputs/entity-descriptors/assets.json +312 -7
- package/catalox-seeds/inputs/entity-descriptors/subnets.json +207 -2
- package/catalox-seeds/inputs/entity-descriptors/topology-zones.json +85 -0
- package/catalox-seeds/inputs/entity-descriptors/vulnerabilities-groups.json +255 -0
- package/catalox-seeds/inputs/entity-descriptors/vulnerabilities.json +294 -10
- package/catalox-seeds/inputs/item-descriptors/asset-detail-item.json +63 -14
- package/catalox-seeds/inputs/item-descriptors/subnet-detail-item.json +51 -17
- package/catalox-seeds/inputs/item-descriptors/vulnerabilities-group-detail-item.json +97 -0
- package/catalox-seeds/inputs/item-descriptors/vulnerability-detail-item.json +44 -40
- package/catalox-seeds/inputs/item-descriptors/vulnerability-observation-detail-item.json +42 -0
- package/catalox-seeds/inputs/list-descriptors/assets-exploitability-decisions-list.json +33 -0
- package/catalox-seeds/inputs/list-descriptors/assets-main-list.json +56 -2
- package/catalox-seeds/inputs/list-descriptors/assets-potential-impact-decisions-list.json +31 -0
- package/catalox-seeds/inputs/list-descriptors/subnets-main-list.json +107 -3
- package/catalox-seeds/inputs/list-descriptors/vulnerabilities-exploitability-analysis-list.json +29 -0
- package/catalox-seeds/inputs/list-descriptors/vulnerabilities-groups-main-list.json +98 -0
- package/catalox-seeds/inputs/list-descriptors/vulnerabilities-main-list.json +7 -1
- package/catalox-seeds/inputs/list-descriptors/vulnerabilities-observations-list.json +43 -0
- package/catalox-seeds/inputs/list-descriptors/vulnerabilities-triage-analysis-list.json +30 -0
- package/catalox-seeds/inputs/list-descriptors/vulnerable-assets-list.json +102 -0
- package/catalox-seeds/memorix-retrieval-descriptors.manifest.json +2512 -367
- package/dist/descriptors/descriptor-types.d.ts +38 -0
- package/dist/descriptors/descriptor-types.d.ts.map +1 -1
- package/dist/descriptors/validate-descriptor.d.ts +1 -0
- package/dist/descriptors/validate-descriptor.d.ts.map +1 -1
- package/dist/descriptors/validate-descriptor.js +27 -0
- package/dist/descriptors/validate-descriptor.js.map +1 -1
- package/dist/explorer/collection-records.d.ts.map +1 -1
- package/dist/explorer/collection-records.js +22 -2
- package/dist/explorer/collection-records.js.map +1 -1
- package/dist/explorer/raw-collection-records.d.ts +2 -0
- package/dist/explorer/raw-collection-records.d.ts.map +1 -1
- package/dist/explorer/raw-collection-records.js +1 -1
- package/dist/explorer/raw-collection-records.js.map +1 -1
- package/dist/index.d.ts +3 -2
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +2 -1
- package/dist/index.js.map +1 -1
- package/dist/mongo/env.d.ts +17 -0
- package/dist/mongo/env.d.ts.map +1 -1
- package/dist/mongo/env.js +73 -0
- package/dist/mongo/env.js.map +1 -1
- package/dist/retrieval/fetch-list.d.ts.map +1 -1
- package/dist/retrieval/fetch-list.js +3 -1
- package/dist/retrieval/fetch-list.js.map +1 -1
- package/dist/retrieval/fetch-narratives.d.ts +8 -0
- package/dist/retrieval/fetch-narratives.d.ts.map +1 -1
- package/dist/retrieval/fetch-narratives.js +39 -9
- package/dist/retrieval/fetch-narratives.js.map +1 -1
- package/dist/retrieval/narrative-list-filters.d.ts +30 -0
- package/dist/retrieval/narrative-list-filters.d.ts.map +1 -0
- package/dist/retrieval/narrative-list-filters.js +179 -0
- package/dist/retrieval/narrative-list-filters.js.map +1 -0
- package/dist/retrieval/resolve-filters.d.ts +11 -1
- package/dist/retrieval/resolve-filters.d.ts.map +1 -1
- package/dist/retrieval/resolve-filters.js +34 -7
- package/dist/retrieval/resolve-filters.js.map +1 -1
- package/dist/seeds/default-seed-spec.d.ts.map +1 -1
- package/dist/seeds/default-seed-spec.js +9 -0
- package/dist/seeds/default-seed-spec.js.map +1 -1
- package/dist/tests/resolve-filters.test.js +81 -4
- package/dist/tests/resolve-filters.test.js.map +1 -1
- package/docs/MEMORIX-CATALOX-CONTRACTS.md +2 -0
- package/package.json +5 -5
|
@@ -35,6 +35,21 @@
|
|
|
35
35
|
"snapshot.capturedAt",
|
|
36
36
|
"data.enrichment.enrichedAt"
|
|
37
37
|
]
|
|
38
|
+
},
|
|
39
|
+
"discovery": {
|
|
40
|
+
"postfix": "discovery",
|
|
41
|
+
"collection": "vulnerabilities-discovery",
|
|
42
|
+
"dataRoot": "data"
|
|
43
|
+
},
|
|
44
|
+
"decisions": {
|
|
45
|
+
"postfix": "decisions",
|
|
46
|
+
"collection": "vulnerabilities-decisions",
|
|
47
|
+
"dataRoot": "data"
|
|
48
|
+
},
|
|
49
|
+
"analysis": {
|
|
50
|
+
"postfix": "analysis",
|
|
51
|
+
"collection": "vulnerabilities-analysis",
|
|
52
|
+
"dataRoot": "data"
|
|
38
53
|
}
|
|
39
54
|
},
|
|
40
55
|
"properties": {
|
|
@@ -375,11 +390,105 @@
|
|
|
375
390
|
"list": false,
|
|
376
391
|
"item": true,
|
|
377
392
|
"valueType": "object"
|
|
393
|
+
},
|
|
394
|
+
"analysisBriefSummary": {
|
|
395
|
+
"label": "Brief Summary",
|
|
396
|
+
"source": { "contentType": "analysis", "path": "data.brief.summary" },
|
|
397
|
+
"humanReadable": true,
|
|
398
|
+
"list": true,
|
|
399
|
+
"item": true,
|
|
400
|
+
"valueType": "string"
|
|
401
|
+
},
|
|
402
|
+
"analysisBriefAnalysis": {
|
|
403
|
+
"label": "Brief Analysis",
|
|
404
|
+
"source": { "contentType": "analysis", "path": "data.brief.analysis" },
|
|
405
|
+
"humanReadable": true,
|
|
406
|
+
"list": true,
|
|
407
|
+
"item": true,
|
|
408
|
+
"valueType": "string"
|
|
409
|
+
},
|
|
410
|
+
"analysisBriefEvidence": {
|
|
411
|
+
"label": "Brief Evidence",
|
|
412
|
+
"source": { "contentType": "analysis", "path": "data.brief.evidence" },
|
|
413
|
+
"humanReadable": true,
|
|
414
|
+
"list": false,
|
|
415
|
+
"item": true,
|
|
416
|
+
"valueType": "string"
|
|
417
|
+
},
|
|
418
|
+
"analysisBriefGaps": {
|
|
419
|
+
"label": "Brief Gaps",
|
|
420
|
+
"source": { "contentType": "analysis", "path": "data.brief.gaps" },
|
|
421
|
+
"humanReadable": true,
|
|
422
|
+
"list": false,
|
|
423
|
+
"item": true,
|
|
424
|
+
"valueType": "string"
|
|
425
|
+
},
|
|
426
|
+
"analysisApplicability": {
|
|
427
|
+
"label": "Applicability",
|
|
428
|
+
"source": { "contentType": "analysis", "path": "data.applicability" },
|
|
429
|
+
"humanReadable": false,
|
|
430
|
+
"list": false,
|
|
431
|
+
"item": true,
|
|
432
|
+
"valueType": "object"
|
|
433
|
+
},
|
|
434
|
+
"analysisExploitability": {
|
|
435
|
+
"label": "Exploitability",
|
|
436
|
+
"source": { "contentType": "analysis", "path": "data.exploitability" },
|
|
437
|
+
"humanReadable": false,
|
|
438
|
+
"list": false,
|
|
439
|
+
"item": true,
|
|
440
|
+
"valueType": "object"
|
|
441
|
+
},
|
|
442
|
+
"analysisImpact": {
|
|
443
|
+
"label": "Impact",
|
|
444
|
+
"source": { "contentType": "analysis", "path": "data.impact" },
|
|
445
|
+
"humanReadable": false,
|
|
446
|
+
"list": false,
|
|
447
|
+
"item": true,
|
|
448
|
+
"valueType": "object"
|
|
449
|
+
},
|
|
450
|
+
"analysisThreat": {
|
|
451
|
+
"label": "Threat",
|
|
452
|
+
"source": { "contentType": "analysis", "path": "data.threat" },
|
|
453
|
+
"humanReadable": false,
|
|
454
|
+
"list": false,
|
|
455
|
+
"item": true,
|
|
456
|
+
"valueType": "object"
|
|
457
|
+
},
|
|
458
|
+
"analysisMitre": {
|
|
459
|
+
"label": "MITRE",
|
|
460
|
+
"source": { "contentType": "analysis", "path": "data.mitre" },
|
|
461
|
+
"humanReadable": false,
|
|
462
|
+
"list": false,
|
|
463
|
+
"item": true,
|
|
464
|
+
"valueType": "array"
|
|
465
|
+
},
|
|
466
|
+
"analysisClassType": {
|
|
467
|
+
"label": "Analysis Class",
|
|
468
|
+
"source": { "contentType": "analysis", "path": "data.class.type" },
|
|
469
|
+
"humanReadable": true,
|
|
470
|
+
"list": true,
|
|
471
|
+
"item": true,
|
|
472
|
+
"valueType": "string"
|
|
473
|
+
},
|
|
474
|
+
"analysisExploitabilityLevel": {
|
|
475
|
+
"label": "Exploitability Level (analysis)",
|
|
476
|
+
"source": { "contentType": "analysis", "path": "data.exploitability.exploitability" },
|
|
477
|
+
"humanReadable": true,
|
|
478
|
+
"list": true,
|
|
479
|
+
"item": true,
|
|
480
|
+
"valueType": "string"
|
|
378
481
|
}
|
|
379
482
|
},
|
|
483
|
+
"importanceIndicator": {
|
|
484
|
+
"path": "data.severity",
|
|
485
|
+
"valueKind": "severity",
|
|
486
|
+
"order": "desc",
|
|
487
|
+
"description": "Default vulnerability importance: critical > high > medium > low > none"
|
|
488
|
+
},
|
|
380
489
|
"associatedProperties": [
|
|
381
490
|
{
|
|
382
|
-
"name": "
|
|
491
|
+
"name": "associatedVulnerabilitiesGroupsSnapshots",
|
|
383
492
|
"contentType": "snapshots",
|
|
384
493
|
"kind": "associated",
|
|
385
494
|
"valueShape": "array<object>",
|
|
@@ -391,7 +500,19 @@
|
|
|
391
500
|
"sourceCollection": "vulnerabilities-groups-snapshots"
|
|
392
501
|
},
|
|
393
502
|
{
|
|
394
|
-
"name": "
|
|
503
|
+
"name": "associatedVulnerabilitiesGroupsEnrichment",
|
|
504
|
+
"contentType": "snapshots",
|
|
505
|
+
"kind": "associated",
|
|
506
|
+
"valueShape": "array<object>",
|
|
507
|
+
"linkedObjectType": "vulnerabilities-groups",
|
|
508
|
+
"linkedContentType": "snapshots",
|
|
509
|
+
"description": "Vulnerability group enrichment payloads (CVSS/EPSS/KEV/compositeScore) copied flat from vulnerabilities-groups-snapshots.enrichment when data.vulnerabilityName matches group data.name. Omitted when enrichment is missing or empty.",
|
|
510
|
+
"managed": true,
|
|
511
|
+
"refreshRuleKey": "vulnerabilities.vulnerability-groups.enrichment.by-name",
|
|
512
|
+
"sourceCollection": "vulnerabilities-groups-snapshots"
|
|
513
|
+
},
|
|
514
|
+
{
|
|
515
|
+
"name": "associatedVulnerabilitiesGroupsDiscovery",
|
|
395
516
|
"contentType": "snapshots",
|
|
396
517
|
"kind": "associated",
|
|
397
518
|
"valueShape": "array<object>",
|
|
@@ -403,7 +524,7 @@
|
|
|
403
524
|
"sourceCollection": "vulnerabilities-groups-discovery"
|
|
404
525
|
},
|
|
405
526
|
{
|
|
406
|
-
"name": "
|
|
527
|
+
"name": "associatedVulnerabilitiesGroupsAnalysis",
|
|
407
528
|
"contentType": "snapshots",
|
|
408
529
|
"kind": "associated",
|
|
409
530
|
"valueShape": "array<object>",
|
|
@@ -415,7 +536,7 @@
|
|
|
415
536
|
"sourceCollection": "vulnerabilities-groups-analysis"
|
|
416
537
|
},
|
|
417
538
|
{
|
|
418
|
-
"name": "
|
|
539
|
+
"name": "associatedAssetsSnapshots",
|
|
419
540
|
"contentType": "snapshots",
|
|
420
541
|
"kind": "associated",
|
|
421
542
|
"valueShape": "array<object>",
|
|
@@ -439,7 +560,7 @@
|
|
|
439
560
|
"sourceCollection": "subnets-snapshots"
|
|
440
561
|
},
|
|
441
562
|
{
|
|
442
|
-
"name": "
|
|
563
|
+
"name": "associatedVulnerabilitiesGroupsSnapshots",
|
|
443
564
|
"contentType": "snapshots",
|
|
444
565
|
"kind": "associated",
|
|
445
566
|
"valueShape": "array<object>",
|
|
@@ -451,7 +572,7 @@
|
|
|
451
572
|
"sourceCollection": "vulnerabilities-groups-snapshots"
|
|
452
573
|
},
|
|
453
574
|
{
|
|
454
|
-
"name": "
|
|
575
|
+
"name": "associatedVulnerabilitiesGroupsDiscovery",
|
|
455
576
|
"contentType": "snapshots",
|
|
456
577
|
"kind": "associated",
|
|
457
578
|
"valueShape": "array<object>",
|
|
@@ -463,7 +584,7 @@
|
|
|
463
584
|
"sourceCollection": "vulnerabilities-groups-discovery"
|
|
464
585
|
},
|
|
465
586
|
{
|
|
466
|
-
"name": "
|
|
587
|
+
"name": "associatedVulnerabilitiesGroupsAnalysis",
|
|
467
588
|
"contentType": "snapshots",
|
|
468
589
|
"kind": "associated",
|
|
469
590
|
"valueShape": "array<object>",
|
|
@@ -473,6 +594,30 @@
|
|
|
473
594
|
"managed": true,
|
|
474
595
|
"refreshRuleKey": "vulnerabilities.vulnerability-groups.analysis.explicit.by-name",
|
|
475
596
|
"sourceCollection": "vulnerabilities-groups-analysis"
|
|
597
|
+
},
|
|
598
|
+
{
|
|
599
|
+
"name": "associatedVulnerabilitiesDiscovery",
|
|
600
|
+
"contentType": "snapshots",
|
|
601
|
+
"kind": "associated",
|
|
602
|
+
"valueShape": "array<object>",
|
|
603
|
+
"linkedObjectType": "vulnerabilities",
|
|
604
|
+
"linkedContentType": "discovery",
|
|
605
|
+
"description": "Vulnerability discovery payloads copied from vulnerabilities-discovery.data after matching vulnerabilities-snapshots by data.assetIp and resolving content by snapshot recordId.",
|
|
606
|
+
"managed": true,
|
|
607
|
+
"refreshRuleKey": "vulnerabilities.vulnerabilities.discovery.by-assetIp",
|
|
608
|
+
"sourceCollection": "vulnerabilities-discovery"
|
|
609
|
+
},
|
|
610
|
+
{
|
|
611
|
+
"name": "associatedVulnerabilitiesDecisions",
|
|
612
|
+
"contentType": "snapshots",
|
|
613
|
+
"kind": "associated",
|
|
614
|
+
"valueShape": "array<object>",
|
|
615
|
+
"linkedObjectType": "vulnerabilities",
|
|
616
|
+
"linkedContentType": "decisions",
|
|
617
|
+
"description": "Vulnerability decision payloads copied from vulnerabilities-decisions.data after matching vulnerabilities-snapshots by data.assetIp and resolving content by snapshot recordId.",
|
|
618
|
+
"managed": true,
|
|
619
|
+
"refreshRuleKey": "vulnerabilities.vulnerabilities.decisions.by-assetIp",
|
|
620
|
+
"sourceCollection": "vulnerabilities-decisions"
|
|
476
621
|
}
|
|
477
622
|
],
|
|
478
623
|
"processing": {
|
|
@@ -516,17 +661,156 @@
|
|
|
516
661
|
}
|
|
517
662
|
}
|
|
518
663
|
],
|
|
664
|
+
"resolvers": [
|
|
665
|
+
{
|
|
666
|
+
"processorId": "vulnerabilities.topology-extractor",
|
|
667
|
+
"resolverType": "topology-extractor",
|
|
668
|
+
"kind": "function",
|
|
669
|
+
"config": {
|
|
670
|
+
"mode": "subnet-lookup",
|
|
671
|
+
"assetIpPath": "data.assetIp",
|
|
672
|
+
"sourcePaths": [
|
|
673
|
+
"associatedVulnerabilitiesGroupsSnapshots"
|
|
674
|
+
],
|
|
675
|
+
"outputPath": "associatedTopology",
|
|
676
|
+
"canonicalCollection": {
|
|
677
|
+
"db": "neo-memorix-entities",
|
|
678
|
+
"collection": "subnets-snapshots"
|
|
679
|
+
}
|
|
680
|
+
}
|
|
681
|
+
}
|
|
682
|
+
],
|
|
519
683
|
"associatedContent": {
|
|
520
684
|
"rollParentSnapshots": true,
|
|
521
|
-
"excludePostfixes": [
|
|
685
|
+
"excludePostfixes": [
|
|
686
|
+
"raw"
|
|
687
|
+
]
|
|
522
688
|
}
|
|
523
689
|
},
|
|
524
690
|
"narratives": {
|
|
525
691
|
"has-assets": {
|
|
526
692
|
"label": "Has assets",
|
|
693
|
+
"displayName": "Has assets",
|
|
527
694
|
"kind": "having-signal",
|
|
695
|
+
"visibility": "user",
|
|
528
696
|
"sourceRef": "affectedAsset",
|
|
529
697
|
"targetEntity": "assets"
|
|
698
|
+
},
|
|
699
|
+
"lack-analysis-decision": {
|
|
700
|
+
"label": "Analysis without decision",
|
|
701
|
+
"displayName": "Analysis without decision",
|
|
702
|
+
"description": "Linked vulnerabilities-analysis exists but data.decision is missing or empty.",
|
|
703
|
+
"kind": "association-common-property",
|
|
704
|
+
"visibility": "internal",
|
|
705
|
+
"sourceRef": "vulnerabilities-analysis",
|
|
706
|
+
"property": "decision"
|
|
707
|
+
},
|
|
708
|
+
"has-vulnerability-lack-analysis-decision": {
|
|
709
|
+
"label": "Has vulnerability lacking analysis decision",
|
|
710
|
+
"displayName": "Lacking analysis decision",
|
|
711
|
+
"description": "Alias of lack-analysis-decision for has-* consumers.",
|
|
712
|
+
"kind": "association-common-property",
|
|
713
|
+
"visibility": "internal",
|
|
714
|
+
"sourceRef": "vulnerabilities-analysis",
|
|
715
|
+
"property": "decision"
|
|
716
|
+
},
|
|
717
|
+
"is-vulnerability": {
|
|
718
|
+
"label": "Is vulnerability",
|
|
719
|
+
"displayName": "Vulnerability",
|
|
720
|
+
"description": "Security-impacting scanner result (severity low/medium/high/critical).",
|
|
721
|
+
"kind": "product-narrative",
|
|
722
|
+
"visibility": "user"
|
|
723
|
+
},
|
|
724
|
+
"is-finding": {
|
|
725
|
+
"label": "Is finding",
|
|
726
|
+
"displayName": "Informational finding",
|
|
727
|
+
"description": "Informational scanner result (severity none/unknown).",
|
|
728
|
+
"kind": "product-narrative",
|
|
729
|
+
"visibility": "user"
|
|
730
|
+
},
|
|
731
|
+
"has-analysis": {
|
|
732
|
+
"label": "Has analysis",
|
|
733
|
+
"displayName": "Has analysis",
|
|
734
|
+
"kind": "rollup",
|
|
735
|
+
"visibility": "user"
|
|
736
|
+
},
|
|
737
|
+
"has-fix-immediately-decision": {
|
|
738
|
+
"label": "Fix immediately",
|
|
739
|
+
"displayName": "Fix Immediately",
|
|
740
|
+
"kind": "rollup",
|
|
741
|
+
"visibility": "user"
|
|
742
|
+
},
|
|
743
|
+
"has-remediate-soon-decision": {
|
|
744
|
+
"label": "Remediate soon",
|
|
745
|
+
"displayName": "Remediate Soon",
|
|
746
|
+
"kind": "rollup",
|
|
747
|
+
"visibility": "user"
|
|
748
|
+
},
|
|
749
|
+
"has-mitigate-decision": {
|
|
750
|
+
"label": "Mitigate",
|
|
751
|
+
"displayName": "Mitigate",
|
|
752
|
+
"kind": "rollup",
|
|
753
|
+
"visibility": "user"
|
|
754
|
+
},
|
|
755
|
+
"has-accept-decision": {
|
|
756
|
+
"label": "Accept",
|
|
757
|
+
"displayName": "Accept Risk",
|
|
758
|
+
"kind": "rollup",
|
|
759
|
+
"visibility": "user"
|
|
760
|
+
},
|
|
761
|
+
"has-triage-decision": {
|
|
762
|
+
"label": "Has triage decision",
|
|
763
|
+
"displayName": "Triaged",
|
|
764
|
+
"kind": "rollup",
|
|
765
|
+
"visibility": "user"
|
|
766
|
+
},
|
|
767
|
+
"has-breach-vector": {
|
|
768
|
+
"label": "Breach vector",
|
|
769
|
+
"displayName": "Breach Vector",
|
|
770
|
+
"kind": "rollup",
|
|
771
|
+
"visibility": "user"
|
|
772
|
+
},
|
|
773
|
+
"has-critical-severity": {
|
|
774
|
+
"label": "Critical severity",
|
|
775
|
+
"displayName": "Critical",
|
|
776
|
+
"kind": "rollup",
|
|
777
|
+
"visibility": "user"
|
|
778
|
+
},
|
|
779
|
+
"has-high-severity": {
|
|
780
|
+
"label": "High severity",
|
|
781
|
+
"displayName": "High",
|
|
782
|
+
"kind": "rollup",
|
|
783
|
+
"visibility": "user"
|
|
784
|
+
},
|
|
785
|
+
"has-medium-severity": {
|
|
786
|
+
"label": "Medium severity",
|
|
787
|
+
"displayName": "Medium",
|
|
788
|
+
"kind": "rollup",
|
|
789
|
+
"visibility": "user"
|
|
790
|
+
},
|
|
791
|
+
"has-low-severity": {
|
|
792
|
+
"label": "Low severity",
|
|
793
|
+
"displayName": "Low",
|
|
794
|
+
"kind": "rollup",
|
|
795
|
+
"visibility": "user"
|
|
796
|
+
},
|
|
797
|
+
"has-none-severity": {
|
|
798
|
+
"label": "None severity",
|
|
799
|
+
"displayName": "None",
|
|
800
|
+
"kind": "rollup",
|
|
801
|
+
"visibility": "internal"
|
|
802
|
+
},
|
|
803
|
+
"has-tenable-nessus-finding": {
|
|
804
|
+
"label": "Tenable Nessus finding",
|
|
805
|
+
"displayName": "Tenable Nessus",
|
|
806
|
+
"kind": "rollup",
|
|
807
|
+
"visibility": "user"
|
|
808
|
+
},
|
|
809
|
+
"lack-analysis": {
|
|
810
|
+
"label": "Lack analysis",
|
|
811
|
+
"displayName": "Missing analysis",
|
|
812
|
+
"kind": "gap-signal",
|
|
813
|
+
"visibility": "internal"
|
|
530
814
|
}
|
|
531
815
|
},
|
|
532
816
|
"relations": {
|
|
@@ -542,7 +826,7 @@
|
|
|
542
826
|
"path": "data.assetIps"
|
|
543
827
|
},
|
|
544
828
|
"defaultMode": "array",
|
|
545
|
-
"defaultArrayProperty": "
|
|
829
|
+
"defaultArrayProperty": "associatedAssetsSnapshots",
|
|
546
830
|
"targetFields": [
|
|
547
831
|
"ipAddress",
|
|
548
832
|
"hostName",
|
|
@@ -563,7 +847,7 @@
|
|
|
563
847
|
"path": "data.name"
|
|
564
848
|
},
|
|
565
849
|
"defaultMode": "array",
|
|
566
|
-
"defaultArrayProperty": "
|
|
850
|
+
"defaultArrayProperty": "associatedVulnerabilitiesGroupsSnapshots",
|
|
567
851
|
"targetFields": [
|
|
568
852
|
"name",
|
|
569
853
|
"severity",
|
|
@@ -18,9 +18,68 @@
|
|
|
18
18
|
"data.lastSeen"
|
|
19
19
|
]
|
|
20
20
|
}
|
|
21
|
+
},
|
|
22
|
+
{
|
|
23
|
+
"contentType": "analysis",
|
|
24
|
+
"required": false,
|
|
25
|
+
"multiMatch": {
|
|
26
|
+
"strategy": "last",
|
|
27
|
+
"effectiveDatePath": "capturedAt",
|
|
28
|
+
"fallbackEffectiveDatePaths": ["modifiedAt", "createdAt"]
|
|
29
|
+
}
|
|
30
|
+
},
|
|
31
|
+
{
|
|
32
|
+
"contentType": "decisions",
|
|
33
|
+
"required": false,
|
|
34
|
+
"multiMatch": {
|
|
35
|
+
"strategy": "last",
|
|
36
|
+
"effectiveDatePath": "capturedAt",
|
|
37
|
+
"fallbackEffectiveDatePaths": ["modifiedAt", "createdAt"]
|
|
38
|
+
}
|
|
21
39
|
}
|
|
22
40
|
],
|
|
23
41
|
"sections": [
|
|
42
|
+
{
|
|
43
|
+
"id": "brief",
|
|
44
|
+
"title": "Brief",
|
|
45
|
+
"fields": [
|
|
46
|
+
"analysisBriefSummary",
|
|
47
|
+
"analysisBriefTakeaway",
|
|
48
|
+
"analysisBriefConfidence"
|
|
49
|
+
]
|
|
50
|
+
},
|
|
51
|
+
{
|
|
52
|
+
"id": "context",
|
|
53
|
+
"title": "Context",
|
|
54
|
+
"fields": ["analysisContext"]
|
|
55
|
+
},
|
|
56
|
+
{
|
|
57
|
+
"id": "reachability",
|
|
58
|
+
"title": "Reachability",
|
|
59
|
+
"fields": ["analysisReachability"]
|
|
60
|
+
},
|
|
61
|
+
{
|
|
62
|
+
"id": "paths",
|
|
63
|
+
"title": "Paths",
|
|
64
|
+
"fields": ["analysisPaths", "attackPathExistence", "pathsCount"]
|
|
65
|
+
},
|
|
66
|
+
{
|
|
67
|
+
"id": "exploitability",
|
|
68
|
+
"title": "Exploitability",
|
|
69
|
+
"fields": ["decisionExploitability"]
|
|
70
|
+
},
|
|
71
|
+
{
|
|
72
|
+
"id": "decision",
|
|
73
|
+
"title": "Decision",
|
|
74
|
+
"fields": [
|
|
75
|
+
"decisionOverviewSummary",
|
|
76
|
+
"decisionOverviewDetailedAnalysis",
|
|
77
|
+
"decisionLabel",
|
|
78
|
+
"decisionStatus",
|
|
79
|
+
"decisionRiskScore",
|
|
80
|
+
"decisionUrgencyScore"
|
|
81
|
+
]
|
|
82
|
+
},
|
|
24
83
|
{
|
|
25
84
|
"id": "summary",
|
|
26
85
|
"title": "Summary",
|
|
@@ -33,6 +92,7 @@
|
|
|
33
92
|
"agentType",
|
|
34
93
|
"xdrOperationalStatus",
|
|
35
94
|
"xdrAgentStatus",
|
|
95
|
+
"observedUsers",
|
|
36
96
|
"lastSeen",
|
|
37
97
|
"pathsCount"
|
|
38
98
|
]
|
|
@@ -44,7 +104,8 @@
|
|
|
44
104
|
"criticalVulnerabilities",
|
|
45
105
|
"highVulnerabilities",
|
|
46
106
|
"mediumVulnerabilities",
|
|
47
|
-
"lowVulnerabilities"
|
|
107
|
+
"lowVulnerabilities",
|
|
108
|
+
"findingsCount"
|
|
48
109
|
]
|
|
49
110
|
},
|
|
50
111
|
{
|
|
@@ -55,13 +116,6 @@
|
|
|
55
116
|
"potentialImpactConfidence",
|
|
56
117
|
"potentialImpactStory"
|
|
57
118
|
]
|
|
58
|
-
},
|
|
59
|
-
{
|
|
60
|
-
"id": "xdr",
|
|
61
|
-
"title": "XDR",
|
|
62
|
-
"fields": [
|
|
63
|
-
"rawXdr"
|
|
64
|
-
]
|
|
65
119
|
}
|
|
66
120
|
],
|
|
67
121
|
"includeRelations": [
|
|
@@ -69,12 +123,7 @@
|
|
|
69
123
|
"relation": "assetSubnet",
|
|
70
124
|
"mode": "record",
|
|
71
125
|
"limit": 1,
|
|
72
|
-
"fields": [
|
|
73
|
-
"cidr",
|
|
74
|
-
"subnetIp",
|
|
75
|
-
"zone",
|
|
76
|
-
"vr"
|
|
77
|
-
]
|
|
126
|
+
"fields": ["cidr", "subnetIp", "zone", "vr"]
|
|
78
127
|
},
|
|
79
128
|
{
|
|
80
129
|
"relation": "assetVulnerabilities",
|
|
@@ -12,10 +12,16 @@
|
|
|
12
12
|
"multiMatch": {
|
|
13
13
|
"strategy": "last",
|
|
14
14
|
"effectiveDatePath": "capturedAt",
|
|
15
|
-
"fallbackEffectiveDatePaths": [
|
|
16
|
-
|
|
17
|
-
|
|
18
|
-
|
|
15
|
+
"fallbackEffectiveDatePaths": ["modifiedAt", "createdAt"]
|
|
16
|
+
}
|
|
17
|
+
},
|
|
18
|
+
{
|
|
19
|
+
"contentType": "analysis",
|
|
20
|
+
"required": false,
|
|
21
|
+
"multiMatch": {
|
|
22
|
+
"strategy": "last",
|
|
23
|
+
"effectiveDatePath": "capturedAt",
|
|
24
|
+
"fallbackEffectiveDatePaths": ["modifiedAt", "createdAt"]
|
|
19
25
|
}
|
|
20
26
|
},
|
|
21
27
|
{
|
|
@@ -24,14 +30,46 @@
|
|
|
24
30
|
"multiMatch": {
|
|
25
31
|
"strategy": "last",
|
|
26
32
|
"effectiveDatePath": "capturedAt",
|
|
27
|
-
"fallbackEffectiveDatePaths": [
|
|
28
|
-
"modifiedAt",
|
|
29
|
-
"createdAt"
|
|
30
|
-
]
|
|
33
|
+
"fallbackEffectiveDatePaths": ["modifiedAt", "createdAt"]
|
|
31
34
|
}
|
|
32
35
|
}
|
|
33
36
|
],
|
|
34
37
|
"sections": [
|
|
38
|
+
{
|
|
39
|
+
"id": "overview",
|
|
40
|
+
"title": "Overview",
|
|
41
|
+
"fields": ["analysisOverview", "analysisOverviewSummary"]
|
|
42
|
+
},
|
|
43
|
+
{
|
|
44
|
+
"id": "role",
|
|
45
|
+
"title": "Role",
|
|
46
|
+
"fields": ["analysisRole"]
|
|
47
|
+
},
|
|
48
|
+
{
|
|
49
|
+
"id": "exposure",
|
|
50
|
+
"title": "Exposure",
|
|
51
|
+
"fields": ["analysisExposure", "outsideExposureClass"]
|
|
52
|
+
},
|
|
53
|
+
{
|
|
54
|
+
"id": "trust",
|
|
55
|
+
"title": "Trust",
|
|
56
|
+
"fields": ["analysisTrust"]
|
|
57
|
+
},
|
|
58
|
+
{
|
|
59
|
+
"id": "attack-path",
|
|
60
|
+
"title": "Attack Path",
|
|
61
|
+
"fields": ["analysisAttackPath"]
|
|
62
|
+
},
|
|
63
|
+
{
|
|
64
|
+
"id": "movement",
|
|
65
|
+
"title": "Movement",
|
|
66
|
+
"fields": ["analysisMovement"]
|
|
67
|
+
},
|
|
68
|
+
{
|
|
69
|
+
"id": "context",
|
|
70
|
+
"title": "Context",
|
|
71
|
+
"fields": ["analysisContext"]
|
|
72
|
+
},
|
|
35
73
|
{
|
|
36
74
|
"id": "summary",
|
|
37
75
|
"title": "Summary",
|
|
@@ -41,6 +79,11 @@
|
|
|
41
79
|
"zone",
|
|
42
80
|
"zoneClass",
|
|
43
81
|
"vr",
|
|
82
|
+
"assetsCount",
|
|
83
|
+
"findingsCount",
|
|
84
|
+
"vulnerabilitiesCount",
|
|
85
|
+
"criticalVulnerabilities",
|
|
86
|
+
"highVulnerabilities",
|
|
44
87
|
"recordId"
|
|
45
88
|
]
|
|
46
89
|
},
|
|
@@ -56,15 +99,6 @@
|
|
|
56
99
|
"reachableFromZones",
|
|
57
100
|
"zoneMappingConfidence"
|
|
58
101
|
]
|
|
59
|
-
},
|
|
60
|
-
{
|
|
61
|
-
"id": "legacy",
|
|
62
|
-
"title": "Legacy (quarantined)",
|
|
63
|
-
"fields": [
|
|
64
|
-
"quarantineLegacy",
|
|
65
|
-
"legacySubnetIp",
|
|
66
|
-
"quarantineReason"
|
|
67
|
-
]
|
|
68
102
|
}
|
|
69
103
|
],
|
|
70
104
|
"includeRelations": [],
|