PyPI - cartography - Versions diffs - 0.107.0rc1__py3-none-any.whl → 0.107.0rc3__py3-none-any.whl - Mend

cartography 0.107.0rc1py3-none-any.whl → 0.107.0rc3py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of cartography might be problematic. Click here for more details.

Files changed (23) hide show

cartography/_version.py CHANGED Viewed

@@ -17,5 +17,5 @@ __version__: str
 __version_tuple__: VERSION_TUPLE
 version_tuple: VERSION_TUPLE
-__version__ = version = '0.107.0rc1'
-__version_tuple__ = version_tuple = (0, 107, 0, 'rc1')
+__version__ = version = '0.107.0rc3'
+__version_tuple__ = version_tuple = (0, 107, 0, 'rc3')

cartography/intel/aws/cloudwatch.py CHANGED Viewed

@@ -9,6 +9,9 @@ import neo4j
 from cartography.client.core.tx import load
 from cartography.graph.job import GraphJob
 from cartography.intel.aws.ec2.util import get_botocore_config
+from cartography.models.aws.cloudwatch.log_metric_filter import (
+    CloudWatchLogMetricFilterSchema,
+)
 from cartography.models.aws.cloudwatch.loggroup import CloudWatchLogGroupSchema
 from cartography.util import aws_handle_regions
 from cartography.util import timeit
@@ -31,6 +34,47 @@ def get_cloudwatch_log_groups(
     return logGroups
+@timeit
+@aws_handle_regions
+def get_cloudwatch_log_metric_filters(
+    boto3_session: boto3.Session, region: str
+) -> List[Dict[str, Any]]:
+    logs_client = boto3_session.client(
+        "logs", region_name=region, config=get_botocore_config()
+    )
+    paginator = logs_client.get_paginator("describe_metric_filters")
+    metric_filters = []
+    for page in paginator.paginate():
+        metric_filters.extend(page.get("metricFilters", []))
+    return metric_filters
+def transform_metric_filters(
+    metric_filters: List[Dict[str, Any]], region: str
+) -> List[Dict[str, Any]]:
+    """
+    Transform CloudWatch log metric filter data for ingestion into Neo4j.
+    Ensures that the 'id' field is a unique combination of logGroupName and filterName.
+    """
+    transformed_filters = []
+    for filter in metric_filters:
+        transformed_filter = {
+            "id": f"{filter['logGroupName']}:{filter['filterName']}",
+            "arn": f"{filter['logGroupName']}:{filter['filterName']}",
+            "filterName": filter["filterName"],
+            "filterPattern": filter.get("filterPattern"),
+            "logGroupName": filter["logGroupName"],
+            "metricName": filter["metricTransformations"][0]["metricName"],
+            "metricNamespace": filter["metricTransformations"][0]["metricNamespace"],
+            "metricValue": filter["metricTransformations"][0]["metricValue"],
+            "Region": region,
+        }
+        transformed_filters.append(transformed_filter)
+    return transformed_filters
 @timeit
 def load_cloudwatch_log_groups(
     neo4j_session: neo4j.Session,
@@ -52,6 +96,27 @@ def load_cloudwatch_log_groups(
     )
+@timeit
+def load_cloudwatch_log_metric_filters(
+    neo4j_session: neo4j.Session,
+    data: List[Dict[str, Any]],
+    region: str,
+    current_aws_account_id: str,
+    aws_update_tag: int,
+) -> None:
+    logger.info(
+        f"Loading CloudWatch {len(data)} log metric filters for region '{region}' into graph.",
+    )
+    load(
+        neo4j_session,
+        CloudWatchLogMetricFilterSchema(),
+        data,
+        lastupdated=aws_update_tag,
+        Region=region,
+        AWS_ID=current_aws_account_id,
+    )
 @timeit
 def cleanup(
     neo4j_session: neo4j.Session,
@@ -62,6 +127,9 @@ def cleanup(
         CloudWatchLogGroupSchema(), common_job_parameters
     )
     cleanup_job.run(neo4j_session)
+    GraphJob.from_node_schema(
+        CloudWatchLogMetricFilterSchema(), common_job_parameters
+    ).run(neo4j_session)
 @timeit
@@ -90,4 +158,13 @@ def sync(
             update_tag,
         )
+        metric_filters = get_cloudwatch_log_metric_filters(boto3_session, region)
+        transformed_filters = transform_metric_filters(metric_filters, region)
+        load_cloudwatch_log_metric_filters(
+            neo4j_session,
+            transformed_filters,
+            region,
+            current_aws_account_id,
+            update_tag,
+        )
     cleanup(neo4j_session, common_job_parameters)

cartography/intel/aws/ec2/subnets.py CHANGED Viewed

@@ -53,7 +53,7 @@ def load_subnets(
     snet.state = subnet.State, snet.assignipv6addressoncreation = subnet.AssignIpv6AddressOnCreation,
     snet.map_public_ip_on_launch = subnet.MapPublicIpOnLaunch, snet.subnet_arn = subnet.SubnetArn,
     snet.availability_zone = subnet.AvailabilityZone, snet.availability_zone_id = subnet.AvailabilityZoneId,
-    snet.subnetid = subnet.SubnetId
+    snet.subnet_id = subnet.SubnetId
     """
     ingest_subnet_vpc_relations = """

cartography/intel/aws/ecs.py CHANGED Viewed

@@ -169,6 +169,22 @@ def _get_containers_from_tasks(tasks: list[dict[str, Any]]) -> list[dict[str, An
     return containers
+def transform_ecs_tasks(tasks: list[dict[str, Any]]) -> list[dict[str, Any]]:
+    """
+    Extract network interface ID from task attachments.
+    """
+    for task in tasks:
+        for attachment in task.get("attachments", []):
+            if attachment.get("type") == "ElasticNetworkInterface":
+                details = attachment.get("details", [])
+                for detail in details:
+                    if detail.get("name") == "networkInterfaceId":
+                        task["networkInterfaceId"] = detail.get("value")
+                        break
+                break
+    return tasks
 @timeit
 def load_ecs_clusters(
     neo4j_session: neo4j.Session,
@@ -407,6 +423,7 @@ def _sync_ecs_task_and_container_defns(
         boto3_session,
         region,
     )
+    tasks = transform_ecs_tasks(tasks)
     containers = _get_containers_from_tasks(tasks)
     load_ecs_tasks(
         neo4j_session,

cartography/intel/aws/inspector.py CHANGED Viewed

@@ -3,14 +3,17 @@ from typing import Any
 from typing import Dict
 from typing import Iterator
 from typing import List
+from typing import Set
 from typing import Tuple
 import boto3
 import neo4j
 from cartography.client.core.tx import load
+from cartography.client.core.tx import load_matchlinks
 from cartography.graph.job import GraphJob
 from cartography.models.aws.inspector.findings import AWSInspectorFindingSchema
+from cartography.models.aws.inspector.findings import InspectorFindingToPackageMatchLink
 from cartography.models.aws.inspector.packages import AWSInspectorPackageSchema
 from cartography.util import aws_handle_regions
 from cartography.util import aws_paginate
@@ -107,9 +110,10 @@ def get_inspector_findings(
 def transform_inspector_findings(
     results: List[Dict[str, Any]],
-) -> Tuple[List[Dict[str, Any]], List[Dict[str, Any]]]:
+) -> Tuple[List[Dict[str, Any]], List[Dict[str, Any]], List[Dict[str, str]]]:
     findings_list: List[Dict] = []
-    packages: Dict[str, Any] = {}
+    packages_set: Set[frozenset] = set()
+    finding_to_package_map: List[Dict[str, str]] = []
     for f in results:
         finding: Dict = {}
@@ -163,55 +167,45 @@ def transform_inspector_findings(
                 "vendorUpdatedAt",
             )
-            new_packages = _process_packages(
-                f["packageVulnerabilityDetails"],
-                f["awsAccountId"],
-                f["findingArn"],
-            )
-            finding["vulnerablepackageids"] = list(new_packages.keys())
-            packages = {**packages, **new_packages}
+            packages = transform_inspector_packages(f["packageVulnerabilityDetails"])
+            finding["vulnerablepackageids"] = list(packages.keys())
+            for package_id, package in packages.items():
+                finding_to_package_map.append(
+                    {
+                        "findingarn": finding["id"],
+                        "packageid": package_id,
+                        "remediation": package.get("remediation"),
+                        "fixedInVersion": package.get("fixedInVersion"),
+                        "filePath": package.get("filePath"),
+                        "sourceLayerHash": package.get("sourceLayerHash"),
+                        "sourceLambdaLayerArn": package.get("sourceLambdaLayerArn"),
+                    }
+                )
+                packages_set.add(frozenset(package.items()))
         findings_list.append(finding)
-    packages_list = transform_inspector_packages(packages)
-    return findings_list, packages_list
+    packages_list = [dict(p) for p in packages_set]
+    return findings_list, packages_list, finding_to_package_map
-def transform_inspector_packages(packages: Dict[str, Any]) -> List[Dict[str, Any]]:
-    packages_list: List[Dict] = []
-    for package_id in packages.keys():
-        packages_list.append(packages[package_id])
-    return packages_list
-def _process_packages(
+def transform_inspector_packages(
     package_details: Dict[str, Any],
-    aws_account_id: str,
-    finding_arn: str,
 ) -> Dict[str, Any]:
     packages: Dict[str, Any] = {}
     for package in package_details["vulnerablePackages"]:
-        new_package = {}
-        new_package["id"] = (
-            f"{package.get('name', '')}|"
-            f"{package.get('arch', '')}|"
-            f"{package.get('version', '')}|"
-            f"{package.get('release', '')}|"
-            f"{package.get('epoch', '')}"
-        )
-        new_package["name"] = package.get("name")
-        new_package["arch"] = package.get("arch")
-        new_package["version"] = package.get("version")
-        new_package["release"] = package.get("release")
-        new_package["epoch"] = package.get("epoch")
-        new_package["manager"] = package.get("packageManager")
-        new_package["filepath"] = package.get("filePath")
-        new_package["fixedinversion"] = package.get("fixedInVersion")
-        new_package["sourcelayerhash"] = package.get("sourceLayerHash")
-        new_package["awsaccount"] = aws_account_id
-        new_package["findingarn"] = finding_arn
-        packages[new_package["id"]] = new_package
+        # Following RPM package naming convention for consistency
+        name = package["name"]  # Mandatory field
+        epoch = str(package.get("epoch", ""))
+        if epoch:
+            epoch = f"{epoch}:"
+        version = package["version"]  # Mandatory field
+        release = package.get("release", "")
+        if release:
+            release = f"-{release}"
+        arch = package.get("arch", "")
+        if arch:
+            arch = f".{arch}"
+        id = f"{name}|{epoch}{version}{release}{arch}"
+        packages[id] = {**package, "id": id}
     return packages
@@ -244,7 +238,6 @@ def load_inspector_findings(
 def load_inspector_packages(
     neo4j_session: neo4j.Session,
     packages: List[Dict[str, Any]],
-    region: str,
     aws_update_tag: int,
     current_aws_account_id: str,
 ) -> None:
@@ -252,12 +245,28 @@ def load_inspector_packages(
         neo4j_session,
         AWSInspectorPackageSchema(),
         packages,
-        Region=region,
         AWS_ID=current_aws_account_id,
         lastupdated=aws_update_tag,
     )
+@timeit
+def load_inspector_finding_to_package_match_links(
+    neo4j_session: neo4j.Session,
+    finding_to_package_map: List[Dict[str, str]],
+    aws_update_tag: int,
+    current_aws_account_id: str,
+) -> None:
+    load_matchlinks(
+        neo4j_session,
+        InspectorFindingToPackageMatchLink(),
+        finding_to_package_map,
+        lastupdated=aws_update_tag,
+        _sub_resource_label="AWSAccount",
+        _sub_resource_id=current_aws_account_id,
+    )
 @timeit
 def cleanup(
     neo4j_session: neo4j.Session,
@@ -270,6 +279,14 @@ def cleanup(
     GraphJob.from_node_schema(AWSInspectorPackageSchema(), common_job_parameters).run(
         neo4j_session,
     )
+    GraphJob.from_matchlink(
+        InspectorFindingToPackageMatchLink(),
+        "AWSAccount",
+        common_job_parameters["ACCOUNT_ID"],
+        common_job_parameters["UPDATE_TAG"],
+    ).run(
+        neo4j_session,
+    )
 def _sync_findings_for_account(
@@ -288,7 +305,9 @@ def _sync_findings_for_account(
         logger.info(f"No findings to sync for account {account_id} in region {region}")
         return
     for f_batch in findings:
-        finding_data, package_data = transform_inspector_findings(f_batch)
+        finding_data, package_data, finding_to_package_map = (
+            transform_inspector_findings(f_batch)
+        )
         logger.info(f"Loading {len(finding_data)} findings from account {account_id}")
         load_inspector_findings(
             neo4j_session,
@@ -301,7 +320,15 @@ def _sync_findings_for_account(
         load_inspector_packages(
             neo4j_session,
             package_data,
-            region,
+            update_tag,
+            current_aws_account_id,
+        )
+        logger.info(
+            f"Loading {len(finding_to_package_map)} finding to package relationships"
+        )
+        load_inspector_finding_to_package_match_links(
+            neo4j_session,
+            finding_to_package_map,
             update_tag,
             current_aws_account_id,
         )
@@ -337,5 +364,7 @@ def sync(
                 update_tag,
                 current_aws_account_id,
             )
+        common_job_parameters["ACCOUNT_ID"] = current_aws_account_id
+        common_job_parameters["UPDATE_TAG"] = update_tag
     cleanup(neo4j_session, common_job_parameters)

cartography/intel/sentinelone/__init__.py CHANGED Viewed

@@ -3,6 +3,7 @@ import logging
 import neo4j
 import cartography.intel.sentinelone.agent
+import cartography.intel.sentinelone.application
 from cartography.config import Config
 from cartography.intel.sentinelone.account import sync_accounts
 from cartography.stats import get_stats_client
@@ -39,7 +40,7 @@ def start_sentinelone_ingestion(neo4j_session: neo4j.Session, config: Config) ->
         config.sentinelone_account_ids,
     )
-    # Sync agents for each account
+    # Sync agents and applications for each account
     for account_id in synced_account_ids:
         # Add account-specific parameter
         common_job_parameters["S1_ACCOUNT_ID"] = account_id
@@ -49,7 +50,12 @@ def start_sentinelone_ingestion(neo4j_session: neo4j.Session, config: Config) ->
             common_job_parameters,
         )
-        # Clean up account-specific parameter
+        cartography.intel.sentinelone.application.sync(
+            neo4j_session,
+            common_job_parameters,
+        )
+        # Clean up account-specific parameters
         del common_job_parameters["S1_ACCOUNT_ID"]
     # Record that the sync is complete

cartography/intel/sentinelone/application.py ADDED Viewed

@@ -0,0 +1,248 @@
+import logging
+from typing import Any
+import neo4j
+from cartography.client.core.tx import load
+from cartography.graph.job import GraphJob
+from cartography.intel.sentinelone.api import get_paginated_results
+from cartography.intel.sentinelone.utils import get_application_id
+from cartography.intel.sentinelone.utils import get_application_version_id
+from cartography.models.sentinelone.application import S1ApplicationSchema
+from cartography.models.sentinelone.application_version import (
+    S1ApplicationVersionSchema,
+)
+from cartography.util import timeit
+logger = logging.getLogger(__name__)
+@timeit
+def get_application_data(
+    account_id: str, api_url: str, api_token: str
+) -> list[dict[str, Any]]:
+    """
+    Get application data from SentinelOne API
+    :param account_id: SentinelOne account ID
+    :param api_url: SentinelOne API URL
+    :param api_token: SentinelOne API token
+    :return: A list of application data dictionaries
+    """
+    logger.info(f"Retrieving SentinelOne application data for account {account_id}")
+    applications = get_paginated_results(
+        api_url=api_url,
+        endpoint="/web/api/v2.1/application-management/inventory",
+        api_token=api_token,
+        params={
+            "accountIds": account_id,
+            "limit": 1000,
+        },
+    )
+    logger.info(f"Retrieved {len(applications)} applications from SentinelOne")
+    return applications
+@timeit
+def get_application_installs(
+    app_inventory: list[dict[str, Any]], account_id: str, api_url: str, api_token: str
+) -> list[dict[str, Any]]:
+    """
+    Get application installs from SentinelOne API
+    :param app_inventory: List of applications to get installs for
+    :param account_id: SentinelOne account ID
+    :param api_url: SentinelOne API URL
+    :param api_token: SentinelOne API token
+    :return: A list of application installs data dictionaries
+    """
+    logger.info(
+        f"Retrieving SentinelOne application installs for "
+        f"{len(app_inventory)} applications in account "
+        f"{account_id}",
+    )
+    application_installs = []
+    for i, app in enumerate(app_inventory):
+        logger.info(
+            f"Retrieving SentinelOne installs for {app.get('applicationName')} "
+            f"{app.get('applicationVendor')} ({i + 1}/{len(app_inventory)})",
+        )
+        name = app["applicationName"]
+        vendor = app["applicationVendor"]
+        app_installs = get_paginated_results(
+            api_url=api_url,
+            endpoint="/web/api/v2.1/application-management/inventory/endpoints",
+            api_token=api_token,
+            params={
+                "accountIds": account_id,
+                "limit": 1000,
+                "applicationName": name,
+                "applicationVendor": vendor,
+            },
+        )
+        # Replace applicationVendor and applicationName with original values
+        # for consistency with the application data
+        for app_install in app_installs:
+            app_install["applicationVendor"] = vendor
+            app_install["applicationName"] = name
+        application_installs.extend(app_installs)
+    return application_installs
+def transform_applications(
+    applications_list: list[dict[str, Any]],
+) -> list[dict[str, Any]]:
+    """
+    Transform SentinelOne application data for loading into Neo4j
+    :param applications_list: Raw application data from the API
+    :return: Transformed application data
+    """
+    transformed_data = []
+    for app in applications_list:
+        vendor = app["applicationVendor"].strip()
+        name = app["applicationName"].strip()
+        app_id = get_application_id(name, vendor)
+        transformed_app = {
+            "id": app_id,
+            "name": name,
+            "vendor": vendor,
+        }
+        transformed_data.append(transformed_app)
+    return transformed_data
+def transform_application_versions(
+    application_installs_list: list[dict[str, Any]],
+) -> list[dict[str, Any]]:
+    """
+    Transform SentinelOne application installs for loading into Neo4j
+    :param application_installs_list: Raw application installs data from the API
+    :return: Transformed application installs data
+    """
+    transformed_data = []
+    for installed_version in application_installs_list:
+        app_name = installed_version["applicationName"]
+        app_vendor = installed_version["applicationVendor"]
+        version = installed_version["version"]
+        transformed_version = {
+            "id": get_application_version_id(
+                app_name,
+                app_vendor,
+                version,
+            ),
+            "application_id": get_application_id(
+                app_name,
+                app_vendor,
+            ),
+            "application_name": app_name,
+            "application_vendor": app_vendor,
+            "agent_uuid": installed_version.get("endpointUuid"),
+            "installation_path": installed_version.get("applicationInstallationPath"),
+            "installed_dt": installed_version.get("applicationInstallationDate"),
+            "version": version,
+        }
+        transformed_data.append(transformed_version)
+    return transformed_data
+@timeit
+def load_application_data(
+    neo4j_session: neo4j.Session,
+    data: list[dict[str, Any]],
+    account_id: str,
+    update_tag: int,
+) -> None:
+    """
+    Load SentinelOne application data into Neo4j
+    :param neo4j_session: Neo4j session
+    :param data: The transformed application data
+    :param account_id: The SentinelOne account ID
+    :param update_tag: Update tag to set on the nodes
+    :return: None
+    """
+    logger.info(f"Loading {len(data)} SentinelOne applications into Neo4j")
+    load(
+        neo4j_session,
+        S1ApplicationSchema(),
+        data,
+        lastupdated=update_tag,
+        S1_ACCOUNT_ID=account_id,
+    )
+@timeit
+def load_application_versions(
+    neo4j_session: neo4j.Session,
+    data: list[dict[str, Any]],
+    account_id: str,
+    update_tag: int,
+) -> None:
+    logger.info(f"Loading {len(data)} SentinelOne application versions into Neo4j")
+    load(
+        neo4j_session,
+        S1ApplicationVersionSchema(),
+        data,
+        lastupdated=update_tag,
+        S1_ACCOUNT_ID=account_id,
+    )
+@timeit
+def cleanup(
+    neo4j_session: neo4j.Session, common_job_parameters: dict[str, Any]
+) -> None:
+    logger.debug("Running SentinelOne S1Application cleanup")
+    GraphJob.from_node_schema(S1ApplicationSchema(), common_job_parameters).run(
+        neo4j_session
+    )
+    logger.debug("Running SentinelOne S1ApplicationVersion cleanup")
+    GraphJob.from_node_schema(S1ApplicationVersionSchema(), common_job_parameters).run(
+        neo4j_session
+    )
+@timeit
+def sync(
+    neo4j_session: neo4j.Session,
+    common_job_parameters: dict[str, Any],
+) -> None:
+    """
+    Sync SentinelOne applications
+    :param neo4j_session: Neo4j session
+    :param common_job_parameters: Common job parameters containing API_URL, API_TOKEN, etc.
+    :return: None
+    """
+    logger.info("Syncing SentinelOne application data")
+    account_id = str(common_job_parameters["S1_ACCOUNT_ID"])
+    api_url = str(common_job_parameters["API_URL"])
+    api_token = str(common_job_parameters["API_TOKEN"])
+    applications = get_application_data(account_id, api_url, api_token)
+    application_versions = get_application_installs(
+        applications, account_id, api_url, api_token
+    )
+    transformed_applications = transform_applications(applications)
+    transformed_application_versions = transform_application_versions(
+        application_versions
+    )
+    load_application_data(
+        neo4j_session,
+        transformed_applications,
+        account_id,
+        common_job_parameters["UPDATE_TAG"],
+    )
+    load_application_versions(
+        neo4j_session,
+        transformed_application_versions,
+        account_id,
+        common_job_parameters["UPDATE_TAG"],
+    )
+    cleanup(neo4j_session, common_job_parameters)

cartography/intel/sentinelone/utils.py CHANGED Viewed

@@ -2,8 +2,27 @@ import re
 def get_application_id(name: str, vendor: str) -> str:
+    """
+    Generate a normalized unique identifier for an application.
+    :param name: Application name
+    :param vendor: Application vendor/publisher
+    :return: Normalized unique identifier in format 'vendor:name'
+    """
     name_normalized = name.strip().lower().replace(" ", "_")
     vendor_normalized = vendor.strip().lower().replace(" ", "_")
     name_normalized = re.sub(r"[^\w]", "", name_normalized)
-    vendor_normalized = re.sub(r"[^\w\s]", "", vendor_normalized)
+    vendor_normalized = re.sub(r"[^\w]", "", vendor_normalized)
     return f"{vendor_normalized}:{name_normalized}"
+def get_application_version_id(name: str, vendor: str, version: str) -> str:
+    """
+    Generate a unique identifier for an application version
+    :param name: Application name
+    :param vendor: Application vendor
+    :param version: Application version
+    :return: Unique identifier for the application version in format 'vendor:name:version'
+    """
+    app_id = get_application_id(name, vendor)
+    version_normalized = version.strip().lower().replace(" ", "_")
+    return f"{app_id}:{version_normalized}"

cartography/models/aws/cloudwatch/log_metric_filter.py ADDED Viewed

@@ -0,0 +1,79 @@
+from dataclasses import dataclass
+from cartography.models.core.common import PropertyRef
+from cartography.models.core.nodes import CartographyNodeProperties
+from cartography.models.core.nodes import CartographyNodeSchema
+from cartography.models.core.relationships import CartographyRelProperties
+from cartography.models.core.relationships import CartographyRelSchema
+from cartography.models.core.relationships import LinkDirection
+from cartography.models.core.relationships import make_target_node_matcher
+from cartography.models.core.relationships import OtherRelationships
+from cartography.models.core.relationships import TargetNodeMatcher
+@dataclass(frozen=True)
+class CloudWatchLogMetricFilterNodeProperties(CartographyNodeProperties):
+    id: PropertyRef = PropertyRef("id")
+    arn: PropertyRef = PropertyRef("filterName", extra_index=True)
+    region: PropertyRef = PropertyRef("Region", set_in_kwargs=True)
+    filter_name: PropertyRef = PropertyRef("filterName")
+    filter_pattern: PropertyRef = PropertyRef("filterPattern")
+    log_group_name: PropertyRef = PropertyRef("logGroupName")
+    metric_name: PropertyRef = PropertyRef("metricName")
+    metric_namespace: PropertyRef = PropertyRef("metricNamespace")
+    metric_value: PropertyRef = PropertyRef("metricValue")
+    lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
+@dataclass(frozen=True)
+class CloudWatchLogMetricFilterToAwsAccountRelProperties(CartographyRelProperties):
+    lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
+@dataclass(frozen=True)
+class CloudWatchLogMetricFilterToAWSAccountRel(CartographyRelSchema):
+    target_node_label: str = "AWSAccount"
+    target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
+        {"id": PropertyRef("AWS_ID", set_in_kwargs=True)},
+    )
+    direction: LinkDirection = LinkDirection.INWARD
+    rel_label: str = "RESOURCE"
+    properties: CloudWatchLogMetricFilterToAwsAccountRelProperties = (
+        CloudWatchLogMetricFilterToAwsAccountRelProperties()
+    )
+@dataclass(frozen=True)
+class CloudWatchLogMetricFilterToCloudWatchLogGroupRelProperties(
+    CartographyRelProperties
+):
+    lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
+@dataclass(frozen=True)
+class CloudWatchLogMetricFilterToCloudWatchLogGroupRel(CartographyRelSchema):
+    target_node_label: str = "CloudWatchLogGroup"
+    target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
+        {"log_group_name": PropertyRef("logGroupName")},
+    )
+    direction: LinkDirection = LinkDirection.OUTWARD
+    rel_label: str = "METRIC_FILTER_OF"
+    properties: CloudWatchLogMetricFilterToCloudWatchLogGroupRelProperties = (
+        CloudWatchLogMetricFilterToCloudWatchLogGroupRelProperties()
+    )
+@dataclass(frozen=True)
+class CloudWatchLogMetricFilterSchema(CartographyNodeSchema):
+    label: str = "CloudWatchLogMetricFilter"
+    properties: CloudWatchLogMetricFilterNodeProperties = (
+        CloudWatchLogMetricFilterNodeProperties()
+    )
+    sub_resource_relationship: CloudWatchLogMetricFilterToAWSAccountRel = (
+        CloudWatchLogMetricFilterToAWSAccountRel()
+    )
+    other_relationships: OtherRelationships = OtherRelationships(
+        [
+            CloudWatchLogMetricFilterToCloudWatchLogGroupRel(),
+        ]
+    )

cartography/models/aws/ec2/networkinterfaces.py CHANGED Viewed

@@ -44,7 +44,9 @@ class EC2NetworkInterfaceNodeProperties(CartographyNodeProperties):
     requester_id: PropertyRef = PropertyRef("RequesterId", extra_index=True)
     requester_managed: PropertyRef = PropertyRef("RequesterManaged")
     source_dest_check: PropertyRef = PropertyRef("SourceDestCheck")
+    # TODO: remove subnetid once we have migrated to subnet_id
     subnetid: PropertyRef = PropertyRef("SubnetId", extra_index=True)
+    subnet_id: PropertyRef = PropertyRef("SubnetId", extra_index=True)
 @dataclass(frozen=True)

cartography/models/aws/ec2/subnet_instance.py CHANGED Viewed

@@ -15,7 +15,9 @@ from cartography.models.core.relationships import TargetNodeMatcher
 class EC2SubnetInstanceNodeProperties(CartographyNodeProperties):
     # arn: PropertyRef = PropertyRef('Arn', extra_index=True) TODO use arn; issue #1024
     id: PropertyRef = PropertyRef("SubnetId")
+    # TODO: remove subnetid once we have migrated to subnet_id
     subnetid: PropertyRef = PropertyRef("SubnetId", extra_index=True)
+    subnet_id: PropertyRef = PropertyRef("SubnetId", extra_index=True)
     region: PropertyRef = PropertyRef("Region", set_in_kwargs=True)
     lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)

cartography/models/aws/ec2/subnet_networkinterface.py CHANGED Viewed

@@ -16,6 +16,8 @@ from cartography.models.core.relationships import TargetNodeMatcher
 @dataclass(frozen=True)
 class EC2SubnetNetworkInterfaceNodeProperties(CartographyNodeProperties):
     id: PropertyRef = PropertyRef("SubnetId")
+    # TODO: remove subnetid once we have migrated to subnet_id
+    subnetid: PropertyRef = PropertyRef("SubnetId", extra_index=True)
     subnet_id: PropertyRef = PropertyRef("SubnetId", extra_index=True)
     region: PropertyRef = PropertyRef("Region", set_in_kwargs=True)
     lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)

cartography/models/aws/ecs/tasks.py CHANGED Viewed

@@ -46,6 +46,7 @@ class ECSTaskNodeProperties(CartographyNodeProperties):
     ephemeral_storage_size_in_gib: PropertyRef = PropertyRef(
         "ephemeralStorage.sizeInGiB"
     )
+    network_interface_id: PropertyRef = PropertyRef("networkInterfaceId")
     region: PropertyRef = PropertyRef("Region", set_in_kwargs=True)
     lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
@@ -100,11 +101,33 @@ class ECSTaskToAWSAccountRel(CartographyRelSchema):
     properties: ECSTaskToAWSAccountRelProperties = ECSTaskToAWSAccountRelProperties()
+@dataclass(frozen=True)
+class ECSTaskToNetworkInterfaceRelProperties(CartographyRelProperties):
+    lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
+@dataclass(frozen=True)
+class ECSTaskToNetworkInterfaceRel(CartographyRelSchema):
+    target_node_label: str = "NetworkInterface"
+    target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
+        {"id": PropertyRef("networkInterfaceId")}
+    )
+    direction: LinkDirection = LinkDirection.OUTWARD
+    rel_label: str = "NETWORK_INTERFACE"
+    properties: ECSTaskToNetworkInterfaceRelProperties = (
+        ECSTaskToNetworkInterfaceRelProperties()
+    )
 @dataclass(frozen=True)
 class ECSTaskSchema(CartographyNodeSchema):
     label: str = "ECSTask"
     properties: ECSTaskNodeProperties = ECSTaskNodeProperties()
     sub_resource_relationship: ECSTaskToAWSAccountRel = ECSTaskToAWSAccountRel()
     other_relationships: OtherRelationships = OtherRelationships(
-        [ECSTaskToContainerInstanceRel(), ECSTaskToECSClusterRel()]
+        [
+            ECSTaskToContainerInstanceRel(),
+            ECSTaskToECSClusterRel(),
+            ECSTaskToNetworkInterfaceRel(),
+        ]
     )

cartography/models/aws/inspector/findings.py CHANGED Viewed

@@ -7,8 +7,10 @@ from cartography.models.core.nodes import ExtraNodeLabels
 from cartography.models.core.relationships import CartographyRelProperties
 from cartography.models.core.relationships import CartographyRelSchema
 from cartography.models.core.relationships import LinkDirection
+from cartography.models.core.relationships import make_source_node_matcher
 from cartography.models.core.relationships import make_target_node_matcher
 from cartography.models.core.relationships import OtherRelationships
+from cartography.models.core.relationships import SourceNodeMatcher
 from cartography.models.core.relationships import TargetNodeMatcher
@@ -135,6 +137,40 @@ class InspectorFindingToECRImageRel(CartographyRelSchema):
     )
+@dataclass(frozen=True)
+class InspectorFindingToPackageRelRelProperties(CartographyRelProperties):
+    lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
+    _sub_resource_label: PropertyRef = PropertyRef(
+        "_sub_resource_label", set_in_kwargs=True
+    )
+    _sub_resource_id: PropertyRef = PropertyRef("_sub_resource_id", set_in_kwargs=True)
+    # The following properties live in vulnerablePackages from AWS API
+    # Adding them here to avoid multiple repetion of packages
+    filepath: PropertyRef = PropertyRef("filePath")
+    fixedinversion: PropertyRef = PropertyRef("fixedInVersion")
+    remediation: PropertyRef = PropertyRef("remediation")
+    sourcelayerhash: PropertyRef = PropertyRef("sourceLayerHash")
+    sourcelambdalayerarn: PropertyRef = PropertyRef("sourceLambdaLayerArn")
+@dataclass(frozen=True)
+# (:AWSInspectorFinding)-[:HAS]->(:AWSInspectorPackage)
+class InspectorFindingToPackageMatchLink(CartographyRelSchema):
+    target_node_label: str = "AWSInspectorPackage"
+    target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
+        {"id": PropertyRef("packageid")},
+    )
+    source_node_label: str = "AWSInspectorFinding"
+    source_node_matcher: SourceNodeMatcher = make_source_node_matcher(
+        {"id": PropertyRef("findingarn")},
+    )
+    properties: InspectorFindingToPackageRelRelProperties = (
+        InspectorFindingToPackageRelRelProperties()
+    )
+    direction: LinkDirection = LinkDirection.OUTWARD
+    rel_label: str = "HAS"
 @dataclass(frozen=True)
 class AWSInspectorFindingSchema(CartographyNodeSchema):
     label: str = "AWSInspectorFinding"
@@ -146,6 +182,7 @@ class AWSInspectorFindingSchema(CartographyNodeSchema):
     other_relationships: OtherRelationships = OtherRelationships(
         [
             InspectorFindingToEC2InstanceRel(),
+            # TODO: Fix ECRRepository and ECRImage relationships
             InspectorFindingToECRRepositoryRel(),
             InspectorFindingToECRImageRel(),
             InspectorFindingToAWSAccountRelDelegateRel(),

cartography/models/aws/inspector/packages.py CHANGED Viewed

@@ -7,25 +7,18 @@ from cartography.models.core.relationships import CartographyRelProperties
 from cartography.models.core.relationships import CartographyRelSchema
 from cartography.models.core.relationships import LinkDirection
 from cartography.models.core.relationships import make_target_node_matcher
-from cartography.models.core.relationships import OtherRelationships
 from cartography.models.core.relationships import TargetNodeMatcher
 @dataclass(frozen=True)
 class AWSInspectorPackageNodeProperties(CartographyNodeProperties):
     id: PropertyRef = PropertyRef("id")
-    region: PropertyRef = PropertyRef("Region", set_in_kwargs=True)
-    awsaccount: PropertyRef = PropertyRef("AWS_ID", set_in_kwargs=True)
-    findingarn: PropertyRef = PropertyRef("findingarn", extra_index=True)
     name: PropertyRef = PropertyRef("name", extra_index=True)
-    arch: PropertyRef = PropertyRef("arch")
     version: PropertyRef = PropertyRef("version", extra_index=True)
     release: PropertyRef = PropertyRef("release", extra_index=True)
+    arch: PropertyRef = PropertyRef("arch")
     epoch: PropertyRef = PropertyRef("epoch")
     manager: PropertyRef = PropertyRef("packageManager")
-    filepath: PropertyRef = PropertyRef("filePath")
-    fixedinversion: PropertyRef = PropertyRef("fixedInVersion")
-    sourcelayerhash: PropertyRef = PropertyRef("sourceLayerHash")
     lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
@@ -47,24 +40,6 @@ class InspectorPackageToAWSAccountRel(CartographyRelSchema):
     )
-@dataclass(frozen=True)
-class InspectorPackageToFindingRelRelProperties(CartographyRelProperties):
-    lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
-@dataclass(frozen=True)
-class InspectorPackageToFindingRel(CartographyRelSchema):
-    target_node_label: str = "AWSInspectorFinding"
-    target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
-        {"id": PropertyRef("findingarn")},
-    )
-    direction: LinkDirection = LinkDirection.INWARD
-    rel_label: str = "HAS"
-    properties: InspectorPackageToFindingRelRelProperties = (
-        InspectorPackageToFindingRelRelProperties()
-    )
 @dataclass(frozen=True)
 class AWSInspectorPackageSchema(CartographyNodeSchema):
     label: str = "AWSInspectorPackage"
@@ -72,8 +47,3 @@ class AWSInspectorPackageSchema(CartographyNodeSchema):
     sub_resource_relationship: InspectorPackageToAWSAccountRel = (
         InspectorPackageToAWSAccountRel()
     )
-    other_relationships: OtherRelationships = OtherRelationships(
-        [
-            InspectorPackageToFindingRel(),
-        ],
-    )

cartography/models/sentinelone/application.py ADDED Viewed

@@ -0,0 +1,44 @@
+from dataclasses import dataclass
+from cartography.models.core.common import PropertyRef
+from cartography.models.core.nodes import CartographyNodeProperties
+from cartography.models.core.nodes import CartographyNodeSchema
+from cartography.models.core.relationships import CartographyRelProperties
+from cartography.models.core.relationships import CartographyRelSchema
+from cartography.models.core.relationships import LinkDirection
+from cartography.models.core.relationships import make_target_node_matcher
+from cartography.models.core.relationships import TargetNodeMatcher
+@dataclass(frozen=True)
+class S1ApplicationNodeProperties(CartographyNodeProperties):
+    id: PropertyRef = PropertyRef("id")
+    name: PropertyRef = PropertyRef("name")
+    vendor: PropertyRef = PropertyRef("vendor")
+    lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
+@dataclass(frozen=True)
+class S1ApplicationToAccountRelProperties(CartographyRelProperties):
+    lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
+@dataclass(frozen=True)
+# (:S1Application)<-[:RESOURCE]-(:S1Account)
+class S1ApplicationToAccount(CartographyRelSchema):
+    target_node_label: str = "S1Account"
+    target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
+        {"id": PropertyRef("S1_ACCOUNT_ID", set_in_kwargs=True)},
+    )
+    direction: LinkDirection = LinkDirection.INWARD
+    rel_label: str = "RESOURCE"
+    properties: S1ApplicationToAccountRelProperties = (
+        S1ApplicationToAccountRelProperties()
+    )
+@dataclass(frozen=True)
+class S1ApplicationSchema(CartographyNodeSchema):
+    label: str = "S1Application"
+    properties: S1ApplicationNodeProperties = S1ApplicationNodeProperties()
+    sub_resource_relationship: S1ApplicationToAccount = S1ApplicationToAccount()

cartography/models/sentinelone/application_version.py ADDED Viewed

@@ -0,0 +1,96 @@
+from dataclasses import dataclass
+from cartography.models.core.common import PropertyRef
+from cartography.models.core.nodes import CartographyNodeProperties
+from cartography.models.core.nodes import CartographyNodeSchema
+from cartography.models.core.relationships import CartographyRelProperties
+from cartography.models.core.relationships import CartographyRelSchema
+from cartography.models.core.relationships import LinkDirection
+from cartography.models.core.relationships import make_target_node_matcher
+from cartography.models.core.relationships import OtherRelationships
+from cartography.models.core.relationships import TargetNodeMatcher
+@dataclass(frozen=True)
+class S1ApplicationVersionNodeProperties(CartographyNodeProperties):
+    id: PropertyRef = PropertyRef("id", extra_index=True)
+    lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
+    application_name: PropertyRef = PropertyRef("application_name")
+    application_vendor: PropertyRef = PropertyRef("application_vendor")
+    version: PropertyRef = PropertyRef("version")
+@dataclass(frozen=True)
+class S1ApplicationVersionToAccountRelProperties(CartographyRelProperties):
+    lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
+@dataclass(frozen=True)
+# (:S1ApplicationVersion)<-[:RESOURCE]-(:S1Account)
+class S1ApplicationVersionToAccount(CartographyRelSchema):
+    target_node_label: str = "S1Account"
+    target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
+        {"id": PropertyRef("S1_ACCOUNT_ID", set_in_kwargs=True)},
+    )
+    direction: LinkDirection = LinkDirection.INWARD
+    rel_label: str = "RESOURCE"
+    properties: S1ApplicationVersionToAccountRelProperties = (
+        S1ApplicationVersionToAccountRelProperties()
+    )
+@dataclass(frozen=True)
+class S1AgentToApplicationVersionRelProperties(CartographyRelProperties):
+    lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
+    installeddatetime: PropertyRef = PropertyRef("installed_dt")
+    installationpath: PropertyRef = PropertyRef("installation_path")
+@dataclass(frozen=True)
+# (:S1Agent)-[:HAS_INSTALLED]->(:S1ApplicationVersion)
+class S1AgentToS1ApplicationVersion(CartographyRelSchema):
+    target_node_label: str = "S1Agent"
+    target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
+        {"uuid": PropertyRef("agent_uuid")},
+    )
+    direction: LinkDirection = LinkDirection.INWARD
+    rel_label: str = "HAS_INSTALLED"
+    properties: S1AgentToApplicationVersionRelProperties = (
+        S1AgentToApplicationVersionRelProperties()
+    )
+@dataclass(frozen=True)
+class S1ApplicationVersionToApplicationRelProperties(CartographyRelProperties):
+    lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
+@dataclass(frozen=True)
+# (:S1ApplicationVersion)<-[:VERSION]-(:S1Application)
+class S1ApplicationVersionToApplication(CartographyRelSchema):
+    target_node_label: str = "S1Application"
+    target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
+        {"id": PropertyRef("application_id")},
+    )
+    direction: LinkDirection = LinkDirection.INWARD
+    rel_label: str = "VERSION"
+    properties: S1ApplicationVersionToApplicationRelProperties = (
+        S1ApplicationVersionToApplicationRelProperties()
+    )
+@dataclass(frozen=True)
+class S1ApplicationVersionSchema(CartographyNodeSchema):
+    label: str = "S1ApplicationVersion"
+    properties: S1ApplicationVersionNodeProperties = (
+        S1ApplicationVersionNodeProperties()
+    )
+    sub_resource_relationship: S1ApplicationVersionToAccount = (
+        S1ApplicationVersionToAccount()
+    )
+    other_relationships: OtherRelationships = OtherRelationships(
+        [
+            S1AgentToS1ApplicationVersion(),
+            S1ApplicationVersionToApplication(),
+        ],
+    )

{cartography-0.107.0rc1.dist-info → cartography-0.107.0rc3.dist-info}/METADATA RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: cartography
-Version: 0.107.0rc1
+Version: 0.107.0rc3
 Summary: Explore assets and their relationships across your technical infrastructure.
 Maintainer: Cartography Contributors
 License: apache2

{cartography-0.107.0rc1.dist-info → cartography-0.107.0rc3.dist-info}/RECORD RENAMED Viewed

@@ -1,6 +1,6 @@
 cartography/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 cartography/__main__.py,sha256=y5iqUrj4BmqZfjeDT-9balzpXeMARgHeIedRMRI1gr8,100
-cartography/_version.py,sha256=p-Djna7oRUSPYcKo49GYVaSUJK3PW0h7Jw79Ngeb9Mo,525
+cartography/_version.py,sha256=Mw8xqndv8cO5u8s9TF2NfNZPshP9CgkSEhbYGTmeNck,525
 cartography/cli.py,sha256=e5F9239v_JoLR293JMZI1toYg43li2RX_F-qOHTB-HA,46054
 cartography/config.py,sha256=mM7Frg8maGB4a0Oad2nvktM38uC7zgrwSmofO5l4Aus,16492
 cartography/py.typed,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
@@ -158,12 +158,12 @@ cartography/intel/aws/acm.py,sha256=a_i2pYPpocjlL8itwlcrmg8KrSLfjcmrkhcrPP-Omj8,
 cartography/intel/aws/apigateway.py,sha256=hOYVSY70DbrEfhi9gkX7PAMtg9WiPE0Pbp2wqGes7Vs,12198
 cartography/intel/aws/cloudtrail.py,sha256=kip3O39ulRmuo9RpfkofzUcGnkNnF8ksD7hP0Qe75-A,2441
 cartography/intel/aws/cloudtrail_management_events.py,sha256=_kJR3N4eHm1c1OgObsUgAdB11UQjN91B9B0U3kuk0_o,13036
-cartography/intel/aws/cloudwatch.py,sha256=k9A8h__dE8N2LeF0o8lpJcNqNAaTCG1Ip3PgAF9mnlQ,2488
+cartography/intel/aws/cloudwatch.py,sha256=Irocf84_n-JqFIbTf9tPkpJe5cpKSubd5daE7G8298Q,5107
 cartography/intel/aws/codebuild.py,sha256=8I-Xzm_c5-ixnGOOHIQLYYpClnaGjjHrEMjQ0-DGsgM,3958
 cartography/intel/aws/config.py,sha256=IIICicLQ0OTT3H3o8LDakIkA1BPUMwSyzpKonet-PaY,7658
 cartography/intel/aws/dynamodb.py,sha256=VvvjeUgi1ZrqY9flXIQnfhhaSVSEqXXHW6T9917VLBk,5728
 cartography/intel/aws/ecr.py,sha256=7a9EHZru6AUIGE_6MJ4h4_ZmrvBxsXaerCHtGr59lJ0,8393
-cartography/intel/aws/ecs.py,sha256=-RPYdc6KC5fbaosaGsgWRkuLoHnE71euud4ZC1wGJI8,13464
+cartography/intel/aws/ecs.py,sha256=h5Nn09MzqPftbXV46jybjsxnYVYW1Vit41kCkaFIq_4,14105
 cartography/intel/aws/efs.py,sha256=6ZvFmVHLfZlyo8xx2dlRsC1IoVOpBOtsij_AdFczkDo,7884
 cartography/intel/aws/eks.py,sha256=bPItyEj5q0nSDltJrr0S5MIrTPV0fK3xkqF6EV8fcqA,3759
 cartography/intel/aws/elasticache.py,sha256=dpRJCYxgUW2ImgGMt4L54xFil8apUoJxZq6hpewXxAE,4590
@@ -172,7 +172,7 @@ cartography/intel/aws/emr.py,sha256=EJoKjHQP7-F_A1trUNU05Sb42yNR1i0C9VIpGcCfAXw,
 cartography/intel/aws/iam.py,sha256=bkyIzWw2OC4MHxuoCvTiZ5eEGEQhz2asiUgY_tkX2GY,34322
 cartography/intel/aws/iam_instance_profiles.py,sha256=QUyu30xid60BFaemp-q0y9FgNsHaIQyQnQ8gHUzWC4k,2211
 cartography/intel/aws/identitycenter.py,sha256=C2EOfwQO1zBjePAXtreUcJIy7RU__ior3liRT4SpGO8,9544
-cartography/intel/aws/inspector.py,sha256=rD_O3DUGv5-GSMNqDzb11Ps5bX1sIo_JDq3UTAGvUpE,11168
+cartography/intel/aws/inspector.py,sha256=G8a60uuFCuENvR2DNJ9VmWEJwG9UDENaC1buULvuSZc,12415
 cartography/intel/aws/kms.py,sha256=RtCxNG-Den-f4Il-NO3YL_-BFUmg1qFt4lNucue9SQM,12130
 cartography/intel/aws/lambda_function.py,sha256=cutCsMnvyJB8vKUP0fHORrhijw944cXSoLKOHYdi6SM,10389
 cartography/intel/aws/organizations.py,sha256=m5qk60N6pe7iKLN-Rtfg9aYv7OozoloSkcsuePd-RGs,4680
@@ -205,7 +205,7 @@ cartography/intel/aws/ec2/reserved_instances.py,sha256=BsshVUzkuOstbidYEGq0By2Y-
 cartography/intel/aws/ec2/route_tables.py,sha256=NSW7B-4wII4mf5ClX5F1q4cKfSNAjxBSnrdk4EhxXz0,10465
 cartography/intel/aws/ec2/security_groups.py,sha256=JT3UFD-LgcdH85bel0GomHDEkCntPjvH0IXl9-ELMqI,6447
 cartography/intel/aws/ec2/snapshots.py,sha256=BiTvxR8ibt7wdBTNNpz75zRqc1Iiy6ksmowBSyBUhEU,5685
-cartography/intel/aws/ec2/subnets.py,sha256=R7qr4h0HQvwybjnKr9NN5UmY0tV6NovuJGOhEtHymPM,4141
+cartography/intel/aws/ec2/subnets.py,sha256=LDuWdkQH-2O8TmqYlvyIn3STUgP6vlhKjG8o8XNMuGE,4142
 cartography/intel/aws/ec2/tgw.py,sha256=FcXWgLkr4EcD9DRXJMeyWQIgIHidaq40UrZneKhvnuE,9621
 cartography/intel/aws/ec2/util.py,sha256=t6oJX9nCTejvp0D9ihxfhmCoD1aoOXQB0cuvz0pMCe0,226
 cartography/intel/aws/ec2/volumes.py,sha256=C5V9LRE41REU4siHMAaE9yAjtbpLi8yTkaqLEw1uXMg,3726
@@ -329,11 +329,12 @@ cartography/intel/semgrep/__init__.py,sha256=zNAH5iDbLeLeQex2L5RZytGVFY4OHYvfGuE
 cartography/intel/semgrep/dependencies.py,sha256=C_gAVOx8wN70sqvFUQD9fZ3ijv_D4W_-EiLrZ4qsvHY,8429
 cartography/intel/semgrep/deployment.py,sha256=RdLuTxSyKiIaAuposppp7Vjjq4w9M9QFSXmHgGmSWkY,2020
 cartography/intel/semgrep/findings.py,sha256=EtNwK__L1Af45xilyQPnMzu40mjWVfiCaw4WL-MWH7c,10036
-cartography/intel/sentinelone/__init__.py,sha256=0iHDpFG5y3T8jso76sqAcvESu04KehDPW92JhbjtCm4,1978
+cartography/intel/sentinelone/__init__.py,sha256=P6XGOQNNyjXp465rNOAXBbWMfEElPym-vLnayup8jM8,2174
 cartography/intel/sentinelone/account.py,sha256=FHWAl6iqpVUKTSNr0u6iAoZ7HgZezvY5JaNzYLs6GdY,4404
 cartography/intel/sentinelone/agent.py,sha256=7ZAG1D6X-7LkhZ2Yjatm84VvFybfNEmILqky0XsYGwQ,4386
 cartography/intel/sentinelone/api.py,sha256=2SUD5ukrUt8-JcMkJ6e0_ZUwh68DwBDssbUZMYInDR0,3042
-cartography/intel/sentinelone/utils.py,sha256=IH0E-jYRQFonqwO86QCgVGbiPJl7O1RUzO_BylKBRvo,371
+cartography/intel/sentinelone/application.py,sha256=11V57OtQqcW6_K6NxIjQQVKfU-91qbQhDxxBu30RBAI,7951
+cartography/intel/sentinelone/utils.py,sha256=asKaF2aHNcoutu89z_aXqG7lOmZ55TJJTNd90FJtBW8,1112
 cartography/intel/snipeit/__init__.py,sha256=XIBEduCoQirs1NuOJ02XKvcBAc0pyeFMJNJsn4iJfXc,1102
 cartography/intel/snipeit/asset.py,sha256=kQQQwYPM6Pm7bJRSMguKmFLg0s6AD6RG1nU5LLLbhVk,2043
 cartography/intel/snipeit/user.py,sha256=qO-uwbwyM_Ft95-q-yWUxOL9UdtGpxSn4XM5T-evdNs,1987
@@ -374,6 +375,7 @@ cartography/models/aws/cloudtrail/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeR
 cartography/models/aws/cloudtrail/management_events.py,sha256=RKAHm6RGVJBaOS90Csa7Vg1LEgq4lXY9YnRIMD2iLwM,2816
 cartography/models/aws/cloudtrail/trail.py,sha256=qQnpqFypKef8E7-JOR83euAtI6_j2KdjzGGFiQa6xkA,3676
 cartography/models/aws/cloudwatch/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
+cartography/models/aws/cloudwatch/log_metric_filter.py,sha256=hROU3pp_D_q21dAPTddm4lcAcCZaDV_UJ49QAZ6SCLc,3321
 cartography/models/aws/cloudwatch/loggroup.py,sha256=_MRpRvU_Vg2rVlUdzfae6vOpbpmYaYE1EVN5zWucFbE,2456
 cartography/models/aws/codebuild/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 cartography/models/aws/codebuild/project.py,sha256=r_DMCtHlbG9FGUk_I8j_E1inIbFcGAXtL6HxHrcgg0U,2122
@@ -395,7 +397,7 @@ cartography/models/aws/ec2/loadbalancerv2.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRk
 cartography/models/aws/ec2/network_acl_rules.py,sha256=G2YJNOY67XQWfQbHQXkuquabiLQJp4smleLn_pdFrGY,4034
 cartography/models/aws/ec2/network_acls.py,sha256=HFInVqHmINe2kWnsbJe8rGng-UHsZDkhRXRnd1nI0v4,3532
 cartography/models/aws/ec2/networkinterface_instance.py,sha256=Gq2vGL7waocwsYRxMwOCV2vqBpUhtJDFilnylkMiKn4,4849
-cartography/models/aws/ec2/networkinterfaces.py,sha256=FJ9FCUlqKnmjTB5W7MK-iKtl3l5mB7Tik697mZ2riB4,4270
+cartography/models/aws/ec2/networkinterfaces.py,sha256=Q1AodKLX7IJWp1Z6tP2uCl21uSjdtZiX8SZImBCIbWo,4404
 cartography/models/aws/ec2/privateip_networkinterface.py,sha256=8Dt2r0sELvTAYYsUX13X-SKLJ6LDpTGmoAyLdNVYcBY,3128
 cartography/models/aws/ec2/reservations.py,sha256=Lep6M-srupbAZZzCFmOpiwz22AafJLwKzSAuuxe3BlA,1980
 cartography/models/aws/ec2/route_table_associations.py,sha256=Rs9uG976zZazcUIGL5oGpLkB72gLxWHFNCUqrvjMTvg,3974
@@ -403,8 +405,8 @@ cartography/models/aws/ec2/route_tables.py,sha256=R0gcwaOsLXRjpuvL9Pq-uGosetZysH
 cartography/models/aws/ec2/routes.py,sha256=T_PR1-pf_ZiE_w3zNaHaksXI5sIsaDwmH3sRctlP4uc,3725
 cartography/models/aws/ec2/securitygroup_instance.py,sha256=j-g1CQHYFTb0D0YsLP5QLy-lBJ0IUc3xTtaX8r9nzIY,2974
 cartography/models/aws/ec2/securitygroup_networkinterface.py,sha256=2MBxYXxuq_L0COeC04SgFfwxeXw-pc4N4JAH9oZyWQE,2481
-cartography/models/aws/ec2/subnet_instance.py,sha256=gAw2TJIlBnBNWn83l60N_Pi5Ni4oNe2lbZpg-u39BU8,2818
-cartography/models/aws/ec2/subnet_networkinterface.py,sha256=YCfribtM4gEIb2Jan3xoBZke_IeNnejB95unfnIrX3Y,3739
+cartography/models/aws/ec2/subnet_instance.py,sha256=6bgrWbFcCjBIjqd_6lcKv6rWyll-Zx1aA5TK68DcIhg,2952
+cartography/models/aws/ec2/subnet_networkinterface.py,sha256=B60S1YvEopVWNlRL5W-hMby3-P06uaNcC_8oOLoRGik,3872
 cartography/models/aws/ec2/volumes.py,sha256=ITSJ_1HgrU5wTF1zZV8sYRZsI0QzktoHkvTgpnfM1hI,4547
 cartography/models/aws/ecs/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 cartography/models/aws/ecs/clusters.py,sha256=uu-UzkSbpLu4UG5I6NsFMaThrPYl6jYe71EX8baMy1Q,2845
@@ -413,7 +415,7 @@ cartography/models/aws/ecs/container_instances.py,sha256=LhBkyEWfOSejD57AERoQYVE
 cartography/models/aws/ecs/containers.py,sha256=jmMdaonho4VI-TdZqBgTc1Ck-6XqI4O0hKRh1Ioerc4,3955
 cartography/models/aws/ecs/services.py,sha256=YPVTS0BB3X6tFCqIX3V1AZXcnHQEADusQkErd88oH7o,4964
 cartography/models/aws/ecs/task_definitions.py,sha256=Wee44GZazQfZQ1TRRZr8bYXwSGgNNDuYxHRBhOmvWzg,5573
-cartography/models/aws/ecs/tasks.py,sha256=6r2WZDc26LGR2j-U5s5v4d4PbMIvEDSkLAbTtpFdrUM,5013
+cartography/models/aws/ecs/tasks.py,sha256=E_wx1lwV0b9MMgFW-nBZFfq_AhFTV38-NC1LKGxs3lE,5809
 cartography/models/aws/efs/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 cartography/models/aws/efs/access_point.py,sha256=Auk8E0AoPjrCxch8bP8fhT3JZ2WxblTTfYSqamA_p8g,3185
 cartography/models/aws/efs/file_system.py,sha256=6BNzjQJKZ-rYlDLw1UvDBhVRKre07-9EkcW9xvR3Wh0,2842
@@ -427,8 +429,8 @@ cartography/models/aws/identitycenter/awsidentitycenter.py,sha256=-ybcEgdZjwF0RI
 cartography/models/aws/identitycenter/awspermissionset.py,sha256=12kDKzsJQOHg6d9dlX98sM9gKXGMQh7FaxzlJov7Dgo,3651
 cartography/models/aws/identitycenter/awsssouser.py,sha256=EWnyX5ev2aaK64YjKGuJSoknBF5b_kS5xc0kDf_0xfo,2886
 cartography/models/aws/inspector/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-cartography/models/aws/inspector/findings.py,sha256=z6fVygv8rmlYB1huX64jDgrCEjoTdLkoeKIVeoMk9wI,6469
-cartography/models/aws/inspector/packages.py,sha256=4TWu9EiS8aOR-n5z0FqG7564t-GKS4zrD4THX_2NKRo,3348
+cartography/models/aws/inspector/findings.py,sha256=ikm0vvjhGK_-BDt5VGyS4_0KwJsq81T6VgROq9HK2NE,8188
+cartography/models/aws/inspector/packages.py,sha256=IoJT7w6n8Vx3vGGJPWKDgJLRpioqtOS5iMYZLnX7thg,2113
 cartography/models/aws/s3/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 cartography/models/aws/s3/account_public_access_block.py,sha256=L6AS0OncfSOWHP4pOXshnJFDPwnWqywzUIeUppJcw-Q,2256
 cartography/models/aws/s3/notification.py,sha256=SF1VvCP_2WVh8K29d4ms8MUcg9AyO_MN8vCgzLFlGAs,1017
@@ -527,6 +529,8 @@ cartography/models/semgrep/locations.py,sha256=uC0QCsqSWV0ZCvQuR3OPpecImbumNLpRq
 cartography/models/sentinelone/__init__.py,sha256=DNFTywfYLRp-cX6S6zbVRkFmjud5MVtMM4Fro8PTU4Q,26
 cartography/models/sentinelone/account.py,sha256=bUh07nyPXEMXVx8kCqT0-gX9tBH8-GufcQvC2TlHnP0,1370
 cartography/models/sentinelone/agent.py,sha256=3FTJQQ_QRq9GGeIjuV0_8ZeJcnKWGHHC3exddZldqCY,2287
+cartography/models/sentinelone/application.py,sha256=g77cmjuTmiX_AwgZ7-x5eP-DsKXoCjzeAQuYtuCAcyo,1811
+cartography/models/sentinelone/application_version.py,sha256=ICxaz1rndwBpaJUgbdTshhn-cbcU_KbV7VeKyUqsdoQ,3829
 cartography/models/snipeit/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 cartography/models/snipeit/asset.py,sha256=64Cq6ff0jemj_fvhQ_-B1xEHqsZ95RqtcbDSTzCI_00,3312
 cartography/models/snipeit/tenant.py,sha256=E6uaY3d2W3MmfuUqF2TLpRP3T1QZkoIXRtp9BGxxSxk,695
@@ -542,9 +546,9 @@ cartography/models/trivy/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZ
 cartography/models/trivy/findings.py,sha256=SgI_h1aRyR20uAHvuXIZ1T6r4IZJt6SVhxRaF2bTsm0,3085
 cartography/models/trivy/fix.py,sha256=ho9ENVl9HSXqyggyCwR6ilkOBKDxpQ7rGibo_j21NA4,2587
 cartography/models/trivy/package.py,sha256=IwO1RZZ-MFRtNbt8Cq6YFl6fdNJMFmULnJkkK8Q4rL4,2809
-cartography-0.107.0rc1.dist-info/licenses/LICENSE,sha256=kvLEBRYaQ1RvUni6y7Ti9uHeooqnjPoo6n_-0JO1ETc,11351
-cartography-0.107.0rc1.dist-info/METADATA,sha256=4iitm8S4B9hie7yMMuR5tGdbOPOvBPqucuCHqXUXVnM,12861
-cartography-0.107.0rc1.dist-info/WHEEL,sha256=_zCd3N1l69ArxyTb8rzEoP9TpbYXkqRFSNOD5OuxnTs,91
-cartography-0.107.0rc1.dist-info/entry_points.txt,sha256=GVIAWD0o0_K077qMA_k1oZU4v-M0a8GLKGJR8tZ-qH8,112
-cartography-0.107.0rc1.dist-info/top_level.txt,sha256=BHqsNJQiI6Q72DeypC1IINQJE59SLhU4nllbQjgJi9g,12
-cartography-0.107.0rc1.dist-info/RECORD,,
+cartography-0.107.0rc3.dist-info/licenses/LICENSE,sha256=kvLEBRYaQ1RvUni6y7Ti9uHeooqnjPoo6n_-0JO1ETc,11351
+cartography-0.107.0rc3.dist-info/METADATA,sha256=JGMCRDlbdo4dqinKGOf1MUnv_1tQ-i4v38lYyJ1_jfg,12861
+cartography-0.107.0rc3.dist-info/WHEEL,sha256=_zCd3N1l69ArxyTb8rzEoP9TpbYXkqRFSNOD5OuxnTs,91
+cartography-0.107.0rc3.dist-info/entry_points.txt,sha256=GVIAWD0o0_K077qMA_k1oZU4v-M0a8GLKGJR8tZ-qH8,112
+cartography-0.107.0rc3.dist-info/top_level.txt,sha256=BHqsNJQiI6Q72DeypC1IINQJE59SLhU4nllbQjgJi9g,12
+cartography-0.107.0rc3.dist-info/RECORD,,

{cartography-0.107.0rc1.dist-info → cartography-0.107.0rc3.dist-info}/WHEEL RENAMED Viewed

File without changes

{cartography-0.107.0rc1.dist-info → cartography-0.107.0rc3.dist-info}/entry_points.txt RENAMED Viewed

File without changes

{cartography-0.107.0rc1.dist-info → cartography-0.107.0rc3.dist-info}/licenses/LICENSE RENAMED Viewed

File without changes

{cartography-0.107.0rc1.dist-info → cartography-0.107.0rc3.dist-info}/top_level.txt RENAMED Viewed

File without changes

cartography 0.107.0rc1__py3-none-any.whl → 0.107.0rc3__py3-none-any.whl

Potentially problematic release.

cartography 0.107.0rc1py3-none-any.whl → 0.107.0rc3py3-none-any.whl