diff --git a/docs/platform/maintain/export/overview.mdx b/docs/platform/maintain/export/overview.mdx index d14759e02..9e52b9029 100644 --- a/docs/platform/maintain/export/overview.mdx +++ b/docs/platform/maintain/export/overview.mdx @@ -1,5 +1,5 @@ --- -title: Export Data - Overview +title: Export Data from Mondoo sidebar_label: Overview sidebar_position: 1 description: Export Mondoo data for analysis and reporting @@ -26,4 +26,8 @@ Export data from Mondoo to: - Other data platforms coming soon! Check back for updates. +See also: + +- [Export JSONL Schema](/platform/maintain/export/schema/) + --- diff --git a/docs/platform/maintain/export/schema/README.md b/docs/platform/maintain/export/schema/README.md index 9c6e0a529..0d7888ddf 100644 --- a/docs/platform/maintain/export/schema/README.md +++ b/docs/platform/maintain/export/schema/README.md @@ -5,8 +5,12 @@ description: Schema for exporting Mondoo data to JSONL Mondoo uses these schemas when exporting data to JSONL: +- [**Risk factor**](./risk.md) + - [**Asset**](./asset.md) -- [**Result**](./result.md) +- [**Query result**](./result.md) + +- [**Check result**](./check.md) - [**Vulnerability**](./vulns.md) diff --git a/docs/platform/maintain/export/schema/asset.md b/docs/platform/maintain/export/schema/asset.md index dbeb90004..2e9071f67 100644 --- a/docs/platform/maintain/export/schema/asset.md +++ b/docs/platform/maintain/export/schema/asset.md @@ -14,26 +14,27 @@ This is the schema Mondoo uses when exporting asset data to JSONL. | Property | Type | Required? | Nullable? | | :--------------------------------------------- | :----- | :-------- | :-------- | -| [annotations](#annotations-property) | Object | Yes | No | -| [asset_mrn](#asset_mrn-property) | String | Yes | No | -| [error](#error-property) | String | Yes | Yes | -| [exported_at](#exported_at-property) | String | Yes | No | -| [labels](#labels-property) | Object | Yes | No | | mrn (deprecated) | String | Yes | No | +| [asset_mrn](#asset_mrn-property) | String | Yes | No | +| [asset_id](#asset_id-property) | `string` | Yes | No | +| [space_mrn](#space_mrn-property) | `string` | Yes | No | +| [space_id](#space_id-property) | `string` | Yes | No | +| [space_name](#space_name-property) | `string` | Yes | No | | [name](#name-property) | String | Yes | No | | [platform_name](#platform_name-property) | String | Yes | No | +| [error](#error-property) | String | Yes | Yes | | [score_updated_at](#score_updated_at-property) | String | Yes | No | | [updated_at](#updated_at-property) | String | Yes | No | +| [labels](#labels-property) | Object | Yes | No | +| [annotations](#annotations-property) | Object | Yes | No | +| [exported_at](#exported_at-property) | String | Yes | No | +| [base_score](#base_score-property) | `integer` | ??? | ??? | +| [risk_score](#risk_score-property) | `integer` | ??? | ??? | -### annotations property - -Metadata that Mondoo adds to assets -`annotations` +### mrn property -| Type | Required? | Nullable? | -| :----- | :-------- | :-------- | -| Object | Yes | No | +Deprecated: Use `asset_mrn` instead. ### asset_mrn property @@ -45,53 +46,58 @@ Unique identifier for the asset | :----- | :-------- | :-------- | | String | Yes | No | -### error property +### asset_id property -The error if any (needs better description) +Unique identifier for the asset -`error` +`asset_mrn` | Type | Required? | Nullable? | | :----- | :-------- | :-------- | -| String | Yes | Yes | +| String | Yes | No | -### exported_at property +### space_mrn property -Timestamp when this data was exported. This is a date-time string matching [RFC 3339, section 5.6](https://tools.ietf.org/html/rfc3339 "check the specification"). +Mondoo identifier for the space containing the asset -`exported_at` +`asset_mrn` | Type | Required? | Nullable? | | :----- | :-------- | :-------- | | String | Yes | No | -### labels property +### space_id property -Metadata that Mondoo users add to assets +Unique identifier for the space containing the asset -`labels` +`asset_mrn` | Type | Required? | Nullable? | | :----- | :-------- | :-------- | -| Object | Yes | No | +| String | Yes | No | -### mrn +### space_name property -Deprecated. Use `asset_mrn` instead. +Name of the space containing the asset + +`asset_mrn` + +| Type | Required? | Nullable? | +| :----- | :-------- | :-------- | +| String | Yes | No | ### name property -The name of the asset +Name of the asset `name` - | Type | Required? | Nullable? | | :----- | :-------- | :-------- | -| String | Yes | No | +| String | ??? | ??? | ### platform_name property -The name of the platform +Name of the asset's platform `platform_name` @@ -99,6 +105,16 @@ The name of the platform | :----- | :-------- | :-------- | | String | Yes | No | +### error property + +Error, if any + +`error` + +| Type | Required? | Nullable? | +| :----- | :-------- | :-------- | +| String | Yes | Yes | + ### score_updated_at property Timestamp when the score of this asset was last updated. This is a date-time string matching [RFC 3339, section 5.6](https://tools.ietf.org/html/rfc3339 "check the specification"). @@ -117,4 +133,58 @@ Timestamp when this asset was last updated. This is a date-time string matching | :----- | :-------- | :-------- | | String | Yes | No | +### labels property + +Metadata that Mondoo users add to assets + +`labels` + +| Type | Required? | Nullable? | +| :----- | :-------- | :-------- | +| Object | Yes | No | + +### annotations property + +Metadata that Mondoo adds to assets + +`annotations` + +| Type | Required? | Nullable? | +| :----- | :-------- | :-------- | +| Object | Yes | No | + +### exported_at property + +Timestamp when this data was exported. This is a date-time string matching [RFC 3339, section 5.6](https://tools.ietf.org/html/rfc3339 "check the specification"). + +`exported_at` + +| Type | Required? | Nullable? | +| :----- | :-------- | :-------- | +| String | Yes | No | + +### risk_factors + +Read [Risk Factors](/platform/maintain/export/schema/risk/). + +### base_score property + +Asset's score from most recent policy-based scan + +`base_score` + +| Type | Required? | Nullable? | +| :----- | :-------- | :-------- | +| Integer | ??? | ??? | + +### risk_score property + +Asset's risk score + +`risk_score` + +| Type | Required? | Nullable? | +| :----- | :-------- | :-------- | +| Integer | ??? | ??? | + --- diff --git a/docs/platform/maintain/export/schema/check.md b/docs/platform/maintain/export/schema/check.md new file mode 100644 index 000000000..29be39261 --- /dev/null +++ b/docs/platform/maintain/export/schema/check.md @@ -0,0 +1,123 @@ +--- +title: Check Result Export Schema +sidebar_label: Check Results +description: Query result schema for the Mondoo JSONL export +--- + +This is the schema Mondoo uses when exporting check result data to JSONL. + +## Result type + +`object` + +## Result properties + +| Property | Type | Required? | Nullable? | +| :----------------------------------- | :------------ | :-------- | :-------- | +| [space_mrn](#space_mrn-property) | `string` | Yes | No | +| [space_id](#space_id-property) | `string` | Yes | No | +| [space_name](#space_name-property) | `string` | Yes | No | +| [asset_id](#asset_id-property) | `string` | Yes | No | +| [asset_mrn](#asset_mrn-property) | `string` | Yes | No | +| [score](#score-property) | Deprecated | | | +| [base_score](#base_score-property) | `integer` | ??? | ??? | +| [risk_score](#risk_score-property) | `integer` | ??? | ??? | +| [status](#status-property) | `string` | Yes | No | +| [modified_at](#modified_at-property) | `string` | Yes | No | +| [failed_at](#failed_at-property) | `string` | ??? | ??? | + +### space_mrn property + +Mondoo identifier for the space containing the asset + +`asset_mrn` + +| Type | Required? | Nullable? | +| :----- | :-------- | :-------- | +| String | Yes | No | + +### space_id property + +Unique identifier for the space containing the asset + +`asset_mrn` + +| Type | Required? | Nullable? | +| :----- | :-------- | :-------- | +| String | Yes | No | + +### space_name property + +Name of the space containing the asset + +`asset_mrn` + +| Type | Required? | Nullable? | +| :----- | :-------- | :-------- | +| String | Yes | No | + +### asset_id property + +Unique identifier for the asset + +`asset_mrn` + +| Type | Required? | Nullable? | +| :----- | :-------- | :-------- | +| String | Yes | No | + +### asset_mrn property + +Mondoo identifier for the asset + +`asset_mrn` + +| Type | Required? | Nullable? | +| :----- | :-------- | :-------- | +| String | Yes | No | + +### score property + +Deprecated: Use `base_score` instead. + +### base_score property + +Asset's score from most recent policy-based scan + +`base_score` + +| Type | Required? | Nullable? | +| :----- | :-------- | :-------- | +| Integer | ??? | ??? | + +### risk_score property + +Asset's risk score + +`risk_score` + +| Type | Required? | Nullable? | +| :----- | :-------- | :-------- | +| Integer | ??? | ??? | + +### modified_at property + +Timestamp from when this check result item was last modified. This is a date-time string matching [RFC 3339, section 5.6](https://tools.ietf.org/html/rfc3339 "check the specification"). + +`modified_at` + +| Type | Required? | Nullable? | +| :----- | :-------- | :-------- | +| String | Yes | No | + +### failed_at property + +Optional timestamp from when this check result item failed This is a date-time string matching [RFC 3339, section 5.6](https://tools.ietf.org/html/rfc3339 "check the specification"). + +`failed_at` + +| Type | Required? | Nullable? | +| :----- | :-------- | :-------- | +| String | ??? | ??? | + +--- diff --git a/docs/platform/maintain/export/schema/result.md b/docs/platform/maintain/export/schema/result.md index 13b218d35..f904e5f95 100644 --- a/docs/platform/maintain/export/schema/result.md +++ b/docs/platform/maintain/export/schema/result.md @@ -1,10 +1,10 @@ --- -title: Result Export Schema -sidebar_label: Result -description: Result schema for the Mondoo JSONL export +title: Query Result Export Schema +sidebar_label: Query Results +description: Query result schema for the Mondoo JSONL export --- -This is the schema Mondoo uses when exporting result data to JSONL. +This is the schema Mondoo uses when exporting query result data to JSONL. ## Result type @@ -14,20 +14,64 @@ This is the schema Mondoo uses when exporting result data to JSONL. | Property | Type | Required? | Nullable? | | :----------------------------------- | :------------ | :-------- | :-------- | +| [space_mrn](#space_mrn-property) | `string` | Yes | No | +| [space_id](#space_id-property) | `string` | Yes | No | +| [space_name](#space_name-property) | `string` | Yes | No | +| [asset_id](#asset_id-property) | `string` | Yes | No | | [asset_mrn](#asset_mrn-property) | `string` | Yes | No | | [query_mrn](#query_mrn-property) | `string` | Yes | No | | [title](#title-property) | `string` | Yes | No | | [mql](#mql-property) | `string` | Yes | No | | [data](#data-property) | Not specified | Yes | No | | [exported_at](#exported_at-property) | `string` | Yes | No | -| [score](#score-property) | `integer` | Yes | No | -| [status](#status-property) | `string` | Yes | No | -| [modified_at](#modified_at-property) | `string` | Yes | No | -| [failed_at](#failed_at-property) | `string` | Yes | No | +| [score](#score-property) | Deprecated | | | +| [status](#status-property) | Deprecated | | | +| [modified_at](#modified_at-property) | Deprecated | | | +| [failed_at](#failed_at-property) | Deprecated | | | + +### space_mrn property + +Mondoo identifier for the space containing the asset + +`asset_mrn` + +| Type | Required? | Nullable? | +| :----- | :-------- | :-------- | +| String | Yes | No | + +### space_id property + +Unique identifier for the space containing the asset + +`asset_mrn` + +| Type | Required? | Nullable? | +| :----- | :-------- | :-------- | +| String | Yes | No | + +### space_name property + +Name of the space containing the asset + +`asset_mrn` + +| Type | Required? | Nullable? | +| :----- | :-------- | :-------- | +| String | Yes | No | + +### asset_id property + +Unique identifier for the asset + +`asset_mrn` + +| Type | Required? | Nullable? | +| :----- | :-------- | :-------- | +| String | Yes | No | ### asset_mrn property -Unique identifier for the query result item's asset +Mondoo identifier for the asset `asset_mrn` @@ -37,7 +81,7 @@ Unique identifier for the query result item's asset ### query_mrn property -Unique identifier for the query +Mondoo identifier for the query `query_mrn` @@ -47,7 +91,7 @@ Unique identifier for the query ### title property -The title of the query result item +Title of the query `title` @@ -57,7 +101,7 @@ The title of the query result item ### mql property -MQL of the query result item +MQL of the query `mql` @@ -67,7 +111,7 @@ MQL of the query result item ### data property -The data of the query result item +Data of the query result `data` @@ -87,42 +131,18 @@ Timestamp from when the data was exported. This is a date-time string matching [ ### score property -Score of the check result item - -`score` - -| Type | Required? | Nullable? | -| :------ | :-------- | :-------- | -| Integer | Yes | No | +Deprecated: Read [Check Results](/platform/maintain/export/schema/check/). ### status property -Status of the check result item - -`status` - -| Type | Required? | Nullable? | -| :----- | :-------- | :-------- | -| String | Yes | No | +Deprecated: Read [Check Results](/platform/maintain/export/schema/check/). ### modified_at property -Timestamp from when this check result item was last modified. This is a date-time string matching [RFC 3339, section 5.6](https://tools.ietf.org/html/rfc3339 "check the specification"). - -`modified_at` - -| Type | Required? | Nullable? | -| :----- | :-------- | :-------- | -| String | Yes | No | +Deprecated: Read [Check Results](/platform/maintain/export/schema/check/). ### failed_at property -Optional timestamp from when this check result item failed This is a date-time string matching [RFC 3339, section 5.6](https://tools.ietf.org/html/rfc3339 "check the specification"). - -`failed_at` - -| Type | Required? | Nullable? | -| :----- | :-------- | :-------- | -| String | Yes | No | +Deprecated: Read [Check Results](/platform/maintain/export/schema/check/). --- diff --git a/docs/platform/maintain/export/schema/risk.md b/docs/platform/maintain/export/schema/risk.md new file mode 100644 index 000000000..ce0ea990d --- /dev/null +++ b/docs/platform/maintain/export/schema/risk.md @@ -0,0 +1,51 @@ +--- +title: Risk Factor Export Schema +sidebar_label: Risk Factors +description: Risk factors schema for the Mondoo JSONL export +--- + +This is the schema Mondoo uses when exporting risk factor data to JSONL. + +## RiskFactor type + +`object` + +## RiskFactor properties + +| Property | Type | Required? | Nullable? | +| :----------------------------------- | :------------ | :-------- | :-------- | +| [id](#id-property) | `string` | Yes | No | +| [mrn](#mrn-property) | `string` | Yes | No | +| [name](#name-property) | `string` | Yes | No | + +### id property + +Unique identifier for the risk factor + +`id` + +| Type | Required? | Nullable? | +| :----- | :-------- | :-------- | +| String | Yes | No | + +### mrn property + +Mondoo identifier for the risk factor + +`mrn` + +| Type | Required? | Nullable? | +| :----- | :-------- | :-------- | +| String | Yes | No | + +### name property + +Name of the risk factor + +`name` + +| Type | Required? | Nullable? | +| :----- | :-------- | :-------- | +| String | Yes | No | + +--- diff --git a/docs/platform/maintain/export/schema/vulns.md b/docs/platform/maintain/export/schema/vulns.md index 660588545..031f57604 100644 --- a/docs/platform/maintain/export/schema/vulns.md +++ b/docs/platform/maintain/export/schema/vulns.md @@ -1,6 +1,6 @@ --- title: Vulnerability Export Schema -sidebar_label: Vulnerability +sidebar_label: Vulnerabilities description: Vulnerability schema for the Mondoo JSONL export --- @@ -14,18 +14,68 @@ This is the schema Mondoo uses when exporting vulnerability data to JSONL. | Property | Type | Required? | Nullable? | | :----------------------------------------------- | :------- | :-------- | :-------- | -| [asset_mrn](#asset_mrn-property) | `string` | Yes | No | +| [space_mrn](#space_mrn-property) | `string` | Yes | No | +| [space_id](#space_id-property) | `string` | Yes | No | +| [space_name](#space_name-property) | `string` | Yes | No | +| [asset_id](#asset_id-property) | `string` | Yes | No | +| [asset_mrn](#asset_mrn-property) | `string` | Yes | No | | [vuln_mrn](#vuln_mrn-property) | `string` | Yes | No | | [vuln_id](#vuln_id-property) | `string` | Yes | No | | [type](#type-property) | `string` | Yes | No | | [summary](#summary-property) | `string` | Yes | No | +| [cvss_score](#cvss_score-property) | `integer` | ??? | ??? | +| [cvss_severity](#cvss_severity-property) | `string` | ??? | ??? | | [first_detected_on](#first_detected_on-property) | `string` | Yes | No | | [resolved_on](#resolved_on-property) | `string` | Yes | No | | [exported_at](#exported_at-property) | `string` | Yes | No | +| [risk_factors](#risk_factors-property) | `json` | ??? | ??? | +| [references](#references-property) | `json` | ??? | ??? | +| [base_score](#base_score-property) | `integer` | ??? | ??? | +| [risk_score](#risk_score-property) | `integer` | ??? | ??? | + +### space_mrn property + +Mondoo identifier for the space containing the asset + +`asset_mrn` + +| Type | Required? | Nullable? | +| :----- | :-------- | :-------- | +| String | Yes | No | + +### space_id property + +Unique identifier for the space containing the asset + +`asset_mrn` + +| Type | Required? | Nullable? | +| :----- | :-------- | :-------- | +| String | Yes | No | + +### space_name property + +Name of the space containing the asset + +`asset_mrn` + +| Type | Required? | Nullable? | +| :----- | :-------- | :-------- | +| String | Yes | No | + +### asset_id property + +Unique identifier for the asset + +`asset_mrn` + +| Type | Required? | Nullable? | +| :----- | :-------- | :-------- | +| String | Yes | No | ### asset_mrn property -Unique identifier for the vulnerability item's asset +Mondoo identifier for the asset `asset_mrn` @@ -35,7 +85,7 @@ Unique identifier for the vulnerability item's asset ### vuln_mrn property -Unique identifier for the vulnerability +Mondoo identifier for the vulnerability `vuln_mrn` @@ -91,7 +141,7 @@ Optional timestamp from when the vulnerability was resolved. This is a date-time | Type | Required? | Nullable? | | :----- | :-------- | :-------- | -| String | Yes | No | +| String | No????? | Yes????? | ### exported_at property @@ -103,4 +153,38 @@ Timestamp from when this vulnerability data was exported. This is a date-time st | :----- | :-------- | :-------- | | String | Yes | No | +### risk_factors property + +Read [Risk Factors](/platform/maintain/export/schema/risk/). + +### references property + +CVE references + +`references` + +| Type | Required? | Nullable? | +| :----- | :-------- | :-------- | +| String | No????? | Yes????? | + +### base_score property + +Asset's score from most recent policy-based scan + +`base_score` + +| Type | Required? | Nullable? | +| :----- | :-------- | :-------- | +| Integer | ??? | ??? | + +### risk_score property + +Asset's risk score + +`risk_score` + +| Type | Required? | Nullable? | +| :----- | :-------- | :-------- | +| Integer | ??? | ??? | + ---