2828 - name : sort_by
2929 description : |
3030 Sortable columns are `severity`, `finding_type`, `finding`, `platform`, `environment_id`,
31- `zone_id`, `source_principal_id`, `source_principal_kind`, `target_principal_id`, `target_principal_kind`, `status`, `first_seen`, `last_seen`.
31+ `zone_id`, `zone_name`, `source_principal_id`, `source_principal_kind`, `source_principal_name`,
32+ `target_principal_id`, `target_principal_kind`, `target_principal_name`, `status`, `first_seen`, `last_seen`.
3233in : query
3334 schema :
3435 $ref : " ./../schemas/api.params.query.sort-by.yaml"
6263 in : query
6364 schema :
6465 $ref : " ./../schemas/api.params.predicate.filter.string.yaml"
66+ - name : zone_name
67+ description : Filter by zone name (e.g. "Tier Zero").
68+ in : query
69+ schema :
70+ $ref : " ./../schemas/api.params.predicate.filter.string.yaml"
6571 - name : source_principal_id
6672 description : Filter by source principal identifier.
6773 in : query
7278 in : query
7379 schema :
7480 $ref : " ./../schemas/api.params.predicate.filter.string.yaml"
81+ - name : source_principal_name
82+ description : Filter by source principal display name.
83+ in : query
84+ schema :
85+ $ref : " ./../schemas/api.params.predicate.filter.string.yaml"
7586 - name : target_principal_id
7687 description : Filter by target principal identifier.
7788 in : query
8293 in : query
8394 schema :
8495 $ref : " ./../schemas/api.params.predicate.filter.string.yaml"
96+ - name : target_principal_name
97+ description : Filter by target principal display name.
98+ in : query
99+ schema :
100+ $ref : " ./../schemas/api.params.predicate.filter.string.yaml"
85101 - name : status
86102 description : Filter by finding status.
87103 in : query
110126 examples :
111127 Unified CSV export :
112128 value : |
113- severity,finding_type,finding,platform,environment_id,zone_id,source_principal_id,source_principal_kind,target_principal_id,target_principal_kind,status,first_seen,last_seen
114- critical,relationship,Tier Zero Generic Write,Active Directory,S-1-5-21-1974516972-3116780949-2584384717,Tier Zero,RPATTON@CORP1.LAB.HOME-LABS.LOL,User,ADMIN@CORP1.LAB.HOME-LABS.LOL,User,active,2026-04-11T00:30:18Z,2026-04-14T16:57:35Z
115- high,list,Kerberoasting,Active Directory,S-1-5-21-1974516972-3116780949-2584384717,Tier Zero,,,,User,accepted,2026-04-11T00:30:18Z,2026-04-14T16:57:35Z
129+ severity,finding_type,finding,platform,environment_id,zone_id,zone_name, source_principal_id,source_principal_kind,source_principal_name, target_principal_id,target_principal_kind,target_principal_name ,status,first_seen,last_seen
130+ critical,relationship,Tier Zero Generic Write,Active Directory,S-1-5-21-1974516972-3116780949-2584384717,1, Tier Zero,RPATTON@CORP1.LAB.HOME-LABS.LOL,User,Robert Patton, ADMIN@CORP1.LAB.HOME-LABS.LOL,User,Domain Admin ,active,2026-04-11T00:30:18Z,2026-04-14T16:57:35Z
131+ high,list,Kerberoasting,Active Directory,S-1-5-21-1974516972-3116780949-2584384717,1, Tier Zero,,,,PSX_D_BA@CORP1.LAB.HOME-LABS.LOL, User,Backup Admin ,accepted,2026-04-11T00:30:18Z,2026-04-14T16:57:35Z
116132application/json :
117133 schema :
118134 allOf :
@@ -142,20 +158,29 @@ get:
142158 type : string
143159 description : Environment identifier.
144160 zone_id :
161+ type : integer
162+ description : Zone identifier (asset group tag id).
163+ zone_name :
145164 type : string
146- description : Zone identifier .
165+ description : Human-readable zone name. Empty when the finding is not tied to a named zone .
147166 source_principal_id :
148167 type : string
149168 description : Source principal identifier. Omitted for list findings.
150169 source_principal_kind :
151170 type : string
152171 description : Source principal kind. Omitted for list findings.
172+ source_principal_name :
173+ type : string
174+ description : Source principal display name resolved from principal properties. Empty when unavailable or for list findings.
153175 target_principal_id :
154176 type : string
155177 description : Target principal identifier.
156178 target_principal_kind :
157179 type : string
158180 description : Target principal kind.
181+ target_principal_name :
182+ type : string
183+ description : Target principal display name resolved from principal properties. Empty when unavailable.
159184 status :
160185 type : string
161186 description : Finding status.
@@ -181,11 +206,14 @@ get:
181206 finding : " Tier Zero Generic Write"
182207 platform : " Active Directory"
183208 environment_id : " S-1-5-21-1974516972-3116780949-2584384717"
184- zone_id : " Tier Zero"
209+ zone_id : 1
210+ zone_name : " Tier Zero"
185211 source_principal_id : " RPATTON@CORP1.LAB.HOME-LABS.LOL"
186212 source_principal_kind : " User"
213+ source_principal_name : " Robert Patton"
187214 target_principal_id : " ADMIN@CORP1.LAB.HOME-LABS.LOL"
188215 target_principal_kind : " User"
216+ target_principal_name : " Domain Admin"
189217 status : " active"
190218 first_seen : " 2026-04-11T00:30:18.491666Z"
191219 last_seen : " 2026-04-14T16:57:35.675609Z"
@@ -194,9 +222,14 @@ get:
194222 finding : " Kerberoasting"
195223 platform : " Active Directory"
196224 environment_id : " S-1-5-21-1974516972-3116780949-2584384717"
197- zone_id : " Tier Zero"
225+ zone_id : 1
226+ zone_name : " Tier Zero"
227+ source_principal_id : " "
228+ source_principal_kind : " "
229+ source_principal_name : " "
198230 target_principal_id : " PSX_D_BA@CORP1.LAB.HOME-LABS.LOL"
199231 target_principal_kind : " User"
232+ target_principal_name : " Backup Admin"
200233 status : " accepted"
201234 first_seen : " 2026-04-11T00:30:18.491666Z"
202235 last_seen : " 2026-04-14T16:57:35.675609Z"
0 commit comments