synapse 2.165.0__py311-none-any.whl → 2.167.0__py311-none-any.whl

synapse/lib/stormtypes.py

@@ -36,7 +36,6 @@ import synapse.lib.trigger as s_trigger
 import synapse.lib.urlhelp as s_urlhelp
 import synapse.lib.version as s_version
 import synapse.lib.stormctrl as s_stormctrl
-import synapse.lib.provenance as s_provenance
 
 logger = logging.getLogger(__name__)
 
@@ -907,6 +906,18 @@ class LibService(Lib):
                   'returns': {'type': 'boolean', 'desc': 'Returns true if the service is available, false on a '
                                                          'timeout waiting for the service to be ready.', }}},
     )
+    _storm_lib_perms = (
+        {'perm': ('service', 'add'), 'gate': 'cortex',
+            'desc': 'Controls the ability to add a Storm Service to the Cortex.'},
+        {'perm': ('service', 'del'), 'gate': 'cortex',
+            'desc': 'Controls the ability to delete a Storm Service from the Cortex'},
+        {'perm': ('service', 'get'), 'gate': 'cortex',
+            'desc': 'Controls the ability to get the Service object for any Storm Service.'},
+        {'perm': ('service', 'get', '<iden>'), 'gate': 'cortex',
+            'desc': 'Controls the ability to get the Service object for a Storm Service by iden.'},
+        {'perm': ('service', 'list'), 'gate': 'cortex',
+         'desc': 'Controls the ability to list all available Storm Services and their service definitions.'},
+    )
     _storm_lib_path = ('service',)
 
     def getObjLocals(self):
@@ -931,6 +942,7 @@ class LibService(Lib):
             except s_exc.AuthDeny:
                 raise e from None
             else:
+                # TODO: Remove support for this permission in 3.0.0
                 mesg = 'Use of service.get.<servicename> permissions are deprecated.'
                 await self.runt.warnonce(mesg, svcname=ssvc.name, svciden=ssvc.iden)
 
@@ -3425,13 +3437,14 @@ class LibFeed(Lib):
         data = await toprim(data)
 
         self.runt.layerConfirm(('feed:data', *name.split('.')))
-        with s_provenance.claim('feed:data', name=name):
-            #  small work around for the feed API consistency
-            if name == 'syn.nodes':
-                async for node in self.runt.snap.addNodes(data):
-                    yield node
-                return
-            await self.runt.snap.addFeedData(name, data)
+
+        #  small work around for the feed API consistency
+        if name == 'syn.nodes':
+            async for node in self.runt.snap.addNodes(data):
+                yield node
+            return
+
+        await self.runt.snap.addFeedData(name, data)
 
     @stormfunc(readonly=True)
     async def _libList(self):
@@ -3443,11 +3456,12 @@ class LibFeed(Lib):
         data = await toprim(data)
 
         self.runt.layerConfirm(('feed:data', *name.split('.')))
-        with s_provenance.claim('feed:data', name=name):
-            strict = self.runt.snap.strict
-            self.runt.snap.strict = False
-            await self.runt.snap.addFeedData(name, data)
-            self.runt.snap.strict = strict
+
+        # TODO this should be a reentrent safe with block
+        strict = self.runt.snap.strict
+        self.runt.snap.strict = False
+        await self.runt.snap.addFeedData(name, data)
+        self.runt.snap.strict = strict
 
 @registry.registerLib
 class LibPipe(Lib):
@@ -3922,7 +3936,13 @@ class LibTelepath(Lib):
         scheme = url.split('://')[0]
         if not self.runt.allowed(('lib', 'telepath', 'open', scheme)):
             self.runt.confirm(('storm', 'lib', 'telepath', 'open', scheme))
-        return Proxy(self.runt, await self.runt.getTeleProxy(url))
+        try:
+            return Proxy(self.runt, await self.runt.getTeleProxy(url))
+        except s_exc.SynErr:
+            raise
+        except Exception as e:
+            mesg = f'Failed to connect to Telepath service: "{s_urlhelp.sanitizeUrl(url)}" error: {str(e)}'
+            raise s_exc.StormRuntimeError(mesg=mesg) from e
 
 @registry.registerType
 class Proxy(StormType):
@@ -7368,7 +7388,11 @@ class View(Prim):
                     The parent View iden.
 
                 nomerge (bool)
-                    Setting to $lib.true will prevent the layer from being merged.
+                    Deprecated - use protected. Updates to this option will be redirected to
+                    the protected option (below) until this option is removed.
+
+                protected (bool)
+                    Setting to $lib.true will prevent the layer from being merged or deleted.
 
                 layers (list(str))
                     Set the list of layer idens for a non-forked view. Layers are specified
@@ -7486,7 +7510,7 @@ class View(Prim):
 
         {'name': 'getPropArrayCount',
          'desc': '''
-            Get the number of invidivual array property values in the View for the given array property name.
+            Get the number of individual array property values in the View for the given array property name.
 
             Notes:
                This is a fast approximate count calculated by summing the number of
@@ -7580,6 +7604,10 @@ class View(Prim):
                   'args': (),
                   'returns': {'name': 'Yields', 'type': 'dict',
                               'desc': 'Yields previously successful merges into the view.'}}},
+        {'name': 'getMergingViews', 'desc': 'Get a list of idens of Views that have open merge requests to this View.',
+         'type': {'type': 'function', '_funcname': 'getMergingViews',
+                  'args': (),
+                  'returns': {'name': 'idens', 'type': 'list', 'desc': 'The list of View idens that have an open merge request into this View.'}}},
         {'name': 'setMergeVoteComment', 'desc': 'Set the comment associated with your vote on a merge request.',
          'type': {'type': 'function', '_funcname': 'setMergeVoteComment',
                   'args': ({'name': 'comment', 'type': 'str', 'desc': 'The text comment to set for the merge vote'},),
@@ -7634,6 +7662,7 @@ class View(Prim):
             'delMergeRequest': self.delMergeRequest,
             'setMergeRequest': self.setMergeRequest,
             'setMergeComment': self.setMergeComment,
+            'getMergingViews': self.getMergingViews,
         }
 
     async def addNode(self, form, valu, props=None):
@@ -7762,6 +7791,8 @@ class View(Prim):
 
     @stormfunc(readonly=True)
     async def _methViewGet(self, name, defv=None):
+        if name == 'nomerge':
+            name = 'protected'
         return self.valu.get(name, defv)
 
     def _reqView(self):
@@ -7788,6 +7819,10 @@ class View(Prim):
             valu = await toprim(valu)
 
         elif name == 'nomerge':
+            name = 'protected'
+            valu = await tobool(valu)
+
+        elif name == 'protected':
             valu = await tobool(valu)
 
         elif name == 'layers':
@@ -7951,6 +7986,12 @@ class View(Prim):
 
         return await view.setMergeComment((await tostr(comment)))
 
+    async def getMergingViews(self):
+        view = self._reqView()
+        self.runt.confirm(('view', 'read'), gateiden=view.iden)
+
+        return await view.getMergingViews()
+
     async def setMergeVote(self, approved=True, comment=None):
         view = self._reqView()
         quorum = view.reqParentQuorum()
@@ -8664,7 +8705,7 @@ class LibCron(Lib):
                   'returns': {'type': 'str', 'desc': 'The iden of the CronJob which was moved.'}}},
         {'name': 'list', 'desc': 'List CronJobs in the Cortex.',
          'type': {'type': 'function', '_funcname': '_methCronList',
-                  'returns': {'type': 'list', 'desc': 'A list of ``cronjob`` objects..', }}},
+                  'returns': {'type': 'list', 'desc': 'A list of ``cronjob`` objects.', }}},
         {'name': 'enable', 'desc': 'Enable a CronJob in the Cortex.',
          'type': {'type': 'function', '_funcname': '_methCronEnable',
                   'args': (
@@ -8855,6 +8896,7 @@ class LibCron(Lib):
         incunit = None
         incval = None
         reqdict = {}
+        pool = await tobool(kwargs.get('pool', False))
         valinfo = {  # unit: (minval, next largest unit)
             'month': (1, 'year'),
             'dayofmonth': (1, 'month'),
@@ -8960,6 +9002,7 @@ class LibCron(Lib):
 
         cdef = {'storm': query,
                 'reqs': reqdict,
+                'pool': pool,
                 'incunit': incunit,
                 'incvals': incval,
                 'creator': self.runt.user.iden
@@ -9208,6 +9251,7 @@ class CronJob(Prim):
             'view': view,
             'viewshort': view[:8] + '..',
             'query': self.valu.get('query') or '<missing>',
+            'pool': self.valu.get('pool', False),
             'isrecur': 'Y' if self.valu.get('recur') else 'N',
             'isrunning': 'Y' if self.valu.get('isrunning') else 'N',
             'enabled': 'Y' if self.valu.get('enabled', True) else 'N',

synapse/lib/trigger.py

@@ -11,7 +11,6 @@ import synapse.lib.chop as s_chop
 import synapse.lib.cache as s_cache
 import synapse.lib.config as s_config
 import synapse.lib.grammar as s_grammar
-import synapse.lib.provenance as s_provenance
 
 logger = logging.getLogger(__name__)
 
@@ -546,20 +545,19 @@ class Trigger:
 
         self.startcount += 1
 
-        with s_provenance.claim('trig', cond=cond, form=form, tag=tag, prop=prop):
-            try:
-                async with self.view.core.getStormRuntime(query, opts=opts) as runt:
+        try:
+            async with self.view.core.getStormRuntime(query, opts=opts) as runt:
 
-                    runt.addInput(node)
-                    await s_common.aspin(runt.execute())
+                runt.addInput(node)
+                await s_common.aspin(runt.execute())
 
-            except (asyncio.CancelledError, s_exc.RecursionLimitHit):
-                raise
+        except (asyncio.CancelledError, s_exc.RecursionLimitHit):
+            raise
 
-            except Exception as e:
-                self.errcount += 1
-                self.lasterrs.append(str(e))
-                logger.exception('Trigger encountered exception running storm query %s', storm)
+        except Exception as e:
+            self.errcount += 1
+            self.lasterrs.append(str(e))
+            logger.exception('Trigger encountered exception running storm query %s', storm)
 
     def pack(self):
         tdef = self.tdef.copy()

synapse/lib/types.py

@@ -1447,6 +1447,8 @@ class Edge(Type):
 
     def postTypeInit(self):
 
+        self.deprecated = True
+
         self.fieldoffs = {'n1': 0, 'n2': 1}
 
         self.ndeftype = self.modl.types.get('ndef')  # type: Ndef
@@ -1850,7 +1852,7 @@ class Tag(Str):
             mesg = f'Tag does not match tagre: [{s_grammar.tagre.pattern}]'
             raise s_exc.BadTypeValu(valu=norm, name=self.name, mesg=mesg)
 
-        return norm, {'subs': subs}
+        return norm, {'subs': subs, 'toks': toks}
 
     def _normPyStr(self, text):
         toks = text.strip('#').split('.')

synapse/lib/version.py

@@ -223,6 +223,6 @@ def reqVersion(valu, reqver,
 ##############################################################################
 # The following are touched during the release process by bumpversion.
 # Do not modify these directly.
-version = (2, 165, 0)
+version = (2, 167, 0)
 verstring = '.'.join([str(x) for x in version])
-commit = 'bdf3f6320106318fe52f1803e969090d950e0fdf'
+commit = '7b2983533ea27d69e547ac54d9aab953630137c2'

synapse/lib/view.py

@@ -167,6 +167,18 @@ class View(s_nexus.Pusher):  # type: ignore
         if byts is not None:
             return s_msgpack.un(byts)
 
+    async def getMergingViews(self):
+        if self.info.get('quorum') is None:
+            mesg = f'View ({self.iden}) does not require quorum voting.'
+            raise s_exc.BadState(mesg=mesg)
+
+        idens = []
+        for view in list(self.core.views.values()):
+            await asyncio.sleep(0)
+            if view.parent == self and view.getMergeRequest() is not None:
+                idens.append(view.iden)
+        return idens
+
     async def setMergeRequest(self, mergeinfo):
         self.reqParentQuorum()
         mergeinfo['iden'] = s_common.guid()
@@ -1086,7 +1098,8 @@ class View(s_nexus.Pusher):  # type: ignore
         '''
         Set a mutable view property.
         '''
-        if name not in ('name', 'desc', 'parent', 'nomerge', 'quorum'):
+        if name not in ('name', 'desc', 'parent', 'nomerge', 'protected', 'quorum'):
+            # TODO: Remove nomerge after Synapse 3.x.x
             mesg = f'{name} is not a valid view info key'
             raise s_exc.BadOptValu(mesg=mesg)
 
@@ -1334,8 +1347,8 @@ class View(s_nexus.Pusher):  # type: ignore
         if self.parent is None:
             raise s_exc.CantMergeView(mesg=f'Cannot merge view ({self.iden}) that has not been forked.')
 
-        if self.info.get('nomerge'):
-            raise s_exc.CantMergeView(mesg=f'Cannot merge view ({self.iden}) that has nomerge set.')
+        if self.info.get('protected'):
+            raise s_exc.CantMergeView(mesg=f'Cannot merge view ({self.iden}) that has protected set.')
 
         if self.parent.info.get('quorum') is not None:
             raise s_exc.CantMergeView(mesg=f'Cannot merge view({self.iden}). Parent view requires quorum voting.')

synapse/models/base.py

@@ -63,28 +63,36 @@ class BaseModule(s_module.CoreModule):
                     'doc': 'A generic rule linked to matches with -(matches)> edges.'}),
 
                 ('graph:cluster', ('guid', {}), {
+                    'deprecated': True,
                     'doc': 'A generic node, used in conjunction with Edge types, to cluster arbitrary nodes to a '
                            'single node in the model.'}),
 
                 ('graph:node', ('guid', {}), {
+                    'deprecated': True,
                     'doc': 'A generic node used to represent objects outside the model.'}),
 
                 ('graph:event', ('guid', {}), {
+                    'deprecated': True,
                     'doc': 'A generic event node to represent events outside the model.'}),
 
                 ('edge:refs', ('edge', {}), {
+                    'deprecated': True,
                     'doc': 'A digraph edge which records that N1 refers to or contains N2.'}),
 
                 ('edge:has', ('edge', {}), {
+                    'deprecated': True,
                     'doc': 'A digraph edge which records that N1 has N2.'}),
 
                 ('edge:wentto', ('timeedge', {}), {
+                    'deprecated': True,
                     'doc': 'A digraph edge which records that N1 went to N2 at a specific time.'}),
 
                 ('graph:edge', ('edge', {}), {
+                    'deprecated': True,
                     'doc': 'A generic digraph edge to show relationships outside the model.'}),
 
                 ('graph:timeedge', ('timeedge', {}), {
+                    'deprecated': True,
                     'doc': 'A generic digraph time edge to show relationships outside the model.'}),
 
                 ('meta:priority', ('int', {'enums': prioenums, 'enums:strict': False}), {

synapse/models/files.py

@@ -65,6 +65,9 @@ class FilePath(s_types.Str):
 
             path.append(part)
 
+        if len(path) == 0:
+            return '', {}
+
         fullpath = lead + '/'.join(path)
 
         base = path[-1]

synapse/models/inet.py

@@ -1304,8 +1304,8 @@ class InetModule(s_module.CoreModule):
                     }),
 
                     ('inet:ssl:cert', ('comp', {'fields': (('server', 'inet:server'), ('file', 'file:bytes'))}), {
-                        'doc': 'An SSL certificate file served by a server.',
-                        'ex': '(1.2.3.4:443, guid:d41d8cd98f00b204e9800998ecf8427e)',
+                        'deprecated': True,
+                        'doc': 'Deprecated. Please use inet:tls:servercert or inet:tls:clientcert',
                     }),
 
                     ('inet:port', ('int', {'min': 0, 'max': 0xffff}), {
@@ -1489,6 +1489,24 @@ class InetModule(s_module.CoreModule):
                     ('inet:ssl:jarmsample', ('comp', {'fields': (('server', 'inet:server'), ('jarmhash', 'inet:ssl:jarmhash'))}), {
                         'doc': 'A JARM hash sample taken from a server.'}),
 
+                    ('inet:tls:handshake', ('guid', {}), {
+                        'doc': 'An instance of a TLS handshake between a server and client.'}),
+
+                    ('inet:tls:ja3s:sample', ('comp', {'fields': (('server', 'inet:server'), ('ja3s', 'hash:md5'))}), {
+                        'doc': 'A JA3 sample taken from a server.'}),
+
+                    ('inet:tls:ja3:sample', ('comp', {'fields': (('client', 'inet:client'), ('ja3', 'hash:md5'))}), {
+                        'doc': 'A JA3 sample taken from a client.'}),
+
+                    ('inet:tls:servercert', ('comp', {'fields': (('server', 'inet:server'), ('cert', 'crypto:x509:cert'))}), {
+                        'doc': 'An x509 certificate sent by a server for TLS.',
+                        'ex': '(1.2.3.4:443, c7437790af01ae1bb2f8f3b684c70bf8)',
+                    }),
+
+                    ('inet:tls:clientcert', ('comp', {'fields': (('client', 'inet:client'), ('cert', 'crypto:x509:cert'))}), {
+                        'doc': 'An x509 certificate sent by a client for TLS.',
+                        'ex': '(1.2.3.4:443, 3fdf364e081c14997b291852d1f23868)',
+                    }),
                 ),
 
                 'interfaces': (
@@ -3234,6 +3252,60 @@ class InetModule(s_module.CoreModule):
                             'doc': 'The server that was sampled to compute the JARM hash.'}),
                     )),
 
+                    ('inet:tls:handshake', {}, (
+                        ('time', ('time', {}), {
+                            'doc': 'The time the handshake was initiated.'}),
+                        ('flow', ('inet:flow', {}), {
+                            'doc': 'The raw inet:flow associated with the handshake.'}),
+                        ('server', ('inet:server', {}), {
+                            'doc': 'The TLS server during the handshake.'}),
+                        ('server:cert', ('crypto:x509:cert', {}), {
+                            'doc': 'The x509 certificate sent by the server during the handshake.'}),
+                        ('server:fingerprint:ja3', ('hash:md5', {}), {
+                            'doc': 'The JA3S finger of the server.'}),
+                        ('client', ('inet:client', {}), {
+                            'doc': 'The TLS client during the handshake.'}),
+                        ('client:cert', ('crypto:x509:cert', {}), {
+                            'doc': 'The x509 certificate sent by the client during the handshake.'}),
+                        ('client:fingerprint:ja3', ('hash:md5', {}), {
+                            'doc': 'The JA3 fingerprint of the client.'}),
+                    )),
+
+                    ('inet:tls:ja3s:sample', {}, (
+                        ('server', ('inet:server', {}), {
+                            'ro': True,
+                            'doc': 'The server that was sampled to produce the JA3S hash.'}),
+                        ('ja3s', ('hash:md5', {}), {
+                            'ro': True,
+                            'doc': "The JA3S hash computed from the server's TLS hello packet."})
+                    )),
+
+                    ('inet:tls:ja3:sample', {}, (
+                        ('client', ('inet:client', {}), {
+                            'ro': True,
+                            'doc': 'The client that was sampled to produce the JA3 hash.'}),
+                        ('ja3', ('hash:md5', {}), {
+                            'ro': True,
+                            'doc': "The JA3 hash computed from the client's TLS hello packet."})
+                    )),
+
+                    ('inet:tls:servercert', {}, (
+                        ('server', ('inet:server', {}), {
+                            'ro': True,
+                            'doc': 'The server associated with the x509 certificate.'}),
+                        ('cert', ('crypto:x509:cert', {}), {
+                            'ro': True,
+                            'doc': 'The x509 certificate sent by the server.'})
+                    )),
+
+                    ('inet:tls:clientcert', {}, (
+                        ('client', ('inet:client', {}), {
+                            'ro': True,
+                            'doc': 'The client associated with the x509 certificate.'}),
+                        ('cert', ('crypto:x509:cert', {}), {
+                            'ro': True,
+                            'doc': 'The x509 certificate sent by the client.'})
+                    )),
                 ),
             }),
         )

synapse/models/orgs.py

@@ -24,14 +24,27 @@ class OuModule(s_module.CoreModule):
                 }),
                 ('ou:isic', ('str', {'regex': r'^[A-Z]([0-9]{2}[0-9]{0,2})?$'}), {
                     'doc': 'An International Standard Industrial Classification of All Economic Activities (ISIC) code.',
-                    'ex': 'C1393',
-                }),
+                    'ex': 'C1393'}),
+
                 ('ou:org', ('guid', {}), {
                     'doc': 'A GUID for a human organization such as a company or military unit.',
-                }),
+                    'display': {
+                        'columns': (
+                            {'type': 'prop', 'opts': {'name': 'name'}},
+                            {'type': 'prop', 'opts': {'name': 'names'}},
+                            {'type': 'prop', 'opts': {'name': 'country:code'}},
+                        ),
+                    }}),
+
                 ('ou:team', ('guid', {}), {
                     'doc': 'A GUID for a team within an organization.',
-                }),
+                    'display': {
+                        'columns': (
+                            {'type': 'prop', 'opts': {'name': 'name'}},
+                            {'type': 'prop', 'opts': {'name': 'org::name'}},
+                        ),
+                    }}),
+
                 ('ou:orgtype', ('taxonomy', {}), {
                     'doc': 'An org type taxonomy.',
                     'interfaces': ('meta:taxonomy',),
@@ -49,6 +62,11 @@ class OuModule(s_module.CoreModule):
                 }),
                 ('ou:industry', ('guid', {}), {
                     'doc': 'An industry classification type.',
+                    'display': {
+                        'columns': (
+                            {'type': 'prop', 'opts': {'name': 'name'}},
+                        ),
+                    },
                 }),
                 ('ou:industry:type:taxonomy', ('taxonomy', {}), {
                     'interfaces': ('meta:taxonomy',),
@@ -113,6 +131,12 @@ class OuModule(s_module.CoreModule):
                 }),
                 ('ou:conference', ('guid', {}), {
                     'doc': 'A conference with a name and sponsoring org.',
+                    'display': {
+                        'columns': (
+                            {'type': 'prop', 'opts': {'name': 'name'}},
+                            {'type': 'prop', 'opts': {'name': 'start'}},
+                        ),
+                    },
                 }),
                 ('ou:conference:attendee', ('comp', {'fields': (('conference', 'ou:conference'), ('person', 'ps:person'))}), {
                     'deprecated': True,
@@ -133,6 +157,11 @@ class OuModule(s_module.CoreModule):
                 }),
                 ('ou:goal', ('guid', {}), {
                     'doc': 'An assessed or stated goal which may be abstract or org specific.',
+                    'display': {
+                        'columns': (
+                            {'type': 'prop', 'opts': {'name': 'name'}},
+                        ),
+                    },
                 }),
                 ('ou:goalname', ('str', {'lower': True, 'onespace': True}), {
                     'doc': 'A goal name.',
@@ -154,16 +183,31 @@ class OuModule(s_module.CoreModule):
 
                 ('ou:campaign', ('guid', {}), {
                     'doc': "Represents an org's activity in pursuit of a goal.",
-                }),
+                    'display': {
+                        'columns': (
+                            {'type': 'prop', 'opts': {'name': 'name'}},
+                            {'type': 'prop', 'opts': {'name': 'names'}},
+                            {'type': 'prop', 'opts': {'name': 'reporter:name'}},
+                            {'type': 'prop', 'opts': {'name': 'tag'}},
+                        ),
+                    }}),
+
                 ('ou:conflict', ('guid', {}), {
                     'doc': 'Represents a conflict where two or more campaigns have mutually exclusive goals.',
                 }),
                 ('ou:contribution', ('guid', {}), {
-                    'doc': 'Represents a specific instance of contributing material support to a campaign.',
-                }),
+                    'doc': 'Represents a specific instance of contributing material support to a campaign.'}),
+
                 ('ou:technique', ('guid', {}), {
                     'doc': 'A specific technique used to achieve a goal.',
-                }),
+                    'display': {
+                        'columns': (
+                            {'type': 'prop', 'opts': {'name': 'name'}},
+                            {'type': 'prop', 'opts': {'name': 'reporter:name'}},
+                            {'type': 'prop', 'opts': {'name': 'tag'}},
+                        ),
+                    }}),
+
                 ('ou:technique:taxonomy', ('taxonomy', {}), {
                     'interfaces': ('meta:taxonomy',),
                     'doc': 'An analyst defined taxonomy to classify techniques in different disciplines.',

synapse/models/person.py

@@ -39,11 +39,19 @@ class PsModule(s_module.CoreModule):
                 ('ps:persona:has', ('comp', {'fields': (('persona', 'ps:persona'), ('node', 'ndef'))}), {
                     'deprecated': True,
                     'doc': 'A persona owns, controls, or has exclusive use of an object or'
-                           ' resource, potentially during a specific period of time.'
-                }),
+                           ' resource, potentially during a specific period of time.'}),
+
                 ('ps:contact', ('guid', {}), {
                     'doc': 'A GUID for a contact info record.',
-                }),
+                    'display': {
+                        'columns': (
+                            {'type': 'prop', 'opts': {'name': 'name'}},
+                            {'type': 'prop', 'opts': {'name': 'type'}},
+                            {'type': 'prop', 'opts': {'name': 'orgname'}},
+                            {'type': 'prop', 'opts': {'name': 'email'}},
+                        ),
+                    }}),
+
                 ('ps:contact:type:taxonomy', ('taxonomy', {}), {
                     'interfaces': ('meta:taxonomy',),
                     'doc': 'A taxonomy of contact types.',
@@ -55,18 +63,29 @@ class PsModule(s_module.CoreModule):
                     'doc': "A GUID representing entry in a contact's work history.",
                 }),
                 ('ps:vitals', ('guid', {}), {
-                    'doc': 'Statistics and demographic data about a person or contact.',
-                }),
+                    'doc': 'Statistics and demographic data about a person or contact.'}),
+
                 ('ps:skill', ('guid', {}), {
-                    'doc': 'A specific skill which a person or organization may have.'
-                }),
+                    'doc': 'A specific skill which a person or organization may have.',
+                    'display': {
+                        'columns': (
+                            {'type': 'prop', 'opts': {'name': 'name'}},
+                            {'type': 'prop', 'opts': {'name': 'type'}},
+                        ),
+                    }}),
+
                 ('ps:skill:type:taxonomy', ('taxonomy', {}), {
                     'interfaces': ('meta:taxonomy',),
-                    'doc': 'A taxonomy of skill types.',
-                }),
+                    'doc': 'A taxonomy of skill types.'}),
+
                 ('ps:proficiency', ('guid', {}), {
-                    'doc': 'The assessment that a given contact possesses a specific skill.'
-                }),
+                    'doc': 'The assessment that a given contact possesses a specific skill.',
+                    'display': {
+                        'columns': (
+                            {'type': 'prop', 'opts': {'name': 'contact::name'}},
+                            {'type': 'prop', 'opts': {'name': 'skill::name'}},
+                        ),
+                    }}),
             ),
             'edges': (
                 (('ps:contact', 'has', None), {