|
2 | 2 | "title": "Generic Ingest Edge", |
3 | 3 | "description": "Defines an edge between two nodes in a generic graph ingestion system. Each edge specifies a start and end node using either a unique identifier (id) or a name-based lookup. A kind is required to indicate the relationship type. Optional properties may include custom attributes. You may optionally constrain the start or end node to a specific kind using the kind field inside each reference.", |
4 | 4 | "type": "object", |
5 | | - "properties": { |
6 | | - "start": { |
| 5 | + "$defs": { |
| 6 | + "property_map": { |
| 7 | + "type": ["object", "null"], |
| 8 | + "description": "A key-value map of edge attributes. Values must not be objects. If a value is an array, it must contain only primitive types (e.g., strings, numbers, booleans) and must be homogeneous (all items must be of the same type).", |
| 9 | + "additionalProperties": { |
| 10 | + "anyOf": [ |
| 11 | + { "type": "string" }, |
| 12 | + { "type": "number" }, |
| 13 | + { "type": "boolean" }, |
| 14 | + { |
| 15 | + "type": "array", |
| 16 | + "anyOf": [ |
| 17 | + { "items": { "type": "string" } }, |
| 18 | + { "items": { "type": "number" } }, |
| 19 | + { "items": { "type": "boolean" } } |
| 20 | + ] |
| 21 | + } |
| 22 | + ] |
| 23 | + } |
| 24 | + }, |
| 25 | + "endpoint": { |
7 | 26 | "type": "object", |
8 | 27 | "properties": { |
9 | 28 | "match_by": { |
10 | 29 | "type": "string", |
11 | | - "enum": ["id", "name"], |
| 30 | + "enum": ["id", "name", "property"], |
12 | 31 | "default": "id", |
13 | | - "description": "Whether to match the start node by its unique object ID or by its name property." |
| 32 | + "description": "Whether to match the start node by its unique object ID or by a series of property matches. Note that the name value here is deprecated and will be removed in future versions. Users are advised to use the multi-property match strategy moving forward." |
| 33 | + }, |
| 34 | + "property_matchers": { |
| 35 | + "type": "array", |
| 36 | + "minItems": 1, |
| 37 | + "items": { |
| 38 | + "type": "object", |
| 39 | + "properties": { |
| 40 | + "key": { |
| 41 | + "type": "string" |
| 42 | + }, |
| 43 | + "operator": { |
| 44 | + "type": "string", |
| 45 | + "enum": ["equals"] |
| 46 | + }, |
| 47 | + "value": { |
| 48 | + "type": ["string", "number", "boolean"] |
| 49 | + } |
| 50 | + }, |
| 51 | + "required": ["key", "operator", "value"] |
| 52 | + } |
14 | 53 | }, |
15 | 54 | "value": { |
16 | 55 | "type": "string", |
|
21 | 60 | "description": "Optional kind filter; the referenced node must have this kind." |
22 | 61 | } |
23 | 62 | }, |
24 | | - "required": ["value"] |
25 | | - }, |
26 | | - "end": { |
27 | | - "type": "object", |
28 | | - "properties": { |
29 | | - "match_by": { |
30 | | - "type": "string", |
31 | | - "enum": ["id", "name"], |
32 | | - "default": "id", |
33 | | - "description": "Whether to match the end node by its unique object ID or by its name property." |
34 | | - }, |
35 | | - "value": { |
36 | | - "type": "string", |
37 | | - "description": "The value used for matching — either an object ID or a name, depending on match_by." |
38 | | - }, |
39 | | - "kind": { |
40 | | - "type": "string", |
41 | | - "description": "Optional kind filter; the referenced node must have this kind." |
| 63 | + "if": { |
| 64 | + "allOf": [ |
| 65 | + { |
| 66 | + "properties": { |
| 67 | + "match_by": { |
| 68 | + "type": "string", |
| 69 | + "const": "property" |
| 70 | + } |
| 71 | + } |
| 72 | + }, |
| 73 | + { |
| 74 | + "not": { |
| 75 | + "properties": { |
| 76 | + "match_by": { |
| 77 | + "type": "null" |
| 78 | + } |
| 79 | + } |
| 80 | + } |
| 81 | + } |
| 82 | + ] |
| 83 | + }, |
| 84 | + "then": { |
| 85 | + "required": ["property_matchers"], |
| 86 | + "not": { |
| 87 | + "required": ["value"] |
42 | 88 | } |
43 | 89 | }, |
44 | | - "required": ["value"] |
| 90 | + "else": { |
| 91 | + "required": ["value"], |
| 92 | + "not": { |
| 93 | + "required": ["property_matchers"] |
| 94 | + } |
| 95 | + } |
| 96 | + } |
| 97 | + }, |
| 98 | + "properties": { |
| 99 | + "start": { |
| 100 | + "$ref": "#/$defs/endpoint" |
| 101 | + }, |
| 102 | + "end": { |
| 103 | + "$ref": "#/$defs/endpoint" |
45 | 104 | }, |
46 | 105 | "kind": { |
47 | 106 | "type": "string", |
48 | | - "description": "The relationship type. Must contain only letters, numbers, and underscores.", |
| 107 | + "description": "Edge kind name must contain only alphanumeric characters and underscores.", |
49 | 108 | "pattern": "^[A-Za-z0-9_]+$" |
50 | 109 | }, |
51 | 110 | "properties": { |
52 | | - "type": ["object", "null"], |
53 | | - "description": "A key-value map of edge attributes. Values must not be objects. If a value is an array, it must contain only primitive types (e.g., strings, numbers, booleans) and must be homogeneous (all items must be of the same type).", |
54 | | - "additionalProperties": { |
55 | | - "type": ["string", "number", "boolean", "array"], |
56 | | - "items": { |
57 | | - "not": { |
58 | | - "type": "object" |
59 | | - } |
60 | | - } |
61 | | - } |
| 111 | + "$ref": "#/$defs/property_map" |
62 | 112 | } |
63 | 113 | }, |
64 | 114 | "required": ["start", "end", "kind"], |
|
72 | 122 | "match_by": "id", |
73 | 123 | "value": "server-5678" |
74 | 124 | }, |
75 | | - "kind": "HasSession", |
| 125 | + "kind": "has_session", |
| 126 | + "properties": { |
| 127 | + "timestamp": "2025-04-16T12:00:00Z", |
| 128 | + "duration_minutes": 45 |
| 129 | + } |
| 130 | + }, |
| 131 | + { |
| 132 | + "start": { |
| 133 | + "match_by": "property", |
| 134 | + "property_matchers": [ |
| 135 | + { |
| 136 | + "key": "prop_1", |
| 137 | + "operator": "equals", |
| 138 | + "value": "value" |
| 139 | + } |
| 140 | + ] |
| 141 | + }, |
| 142 | + "end": { |
| 143 | + "match_by": "id", |
| 144 | + "value": "server-5678" |
| 145 | + }, |
| 146 | + "kind": "has_session", |
76 | 147 | "properties": { |
77 | 148 | "timestamp": "2025-04-16T12:00:00Z", |
78 | 149 | "duration_minutes": 45 |
|
89 | 160 | "value": "file-server-1", |
90 | 161 | "kind": "Server" |
91 | 162 | }, |
92 | | - "kind": "AccessedResource", |
| 163 | + "kind": "accessed_resource", |
93 | 164 | "properties": { |
94 | 165 | "via": "SMB", |
95 | 166 | "sensitive": true |
|
102 | 173 | "end": { |
103 | 174 | "value": "domain-controller-9" |
104 | 175 | }, |
105 | | - "kind": "AdminTo", |
| 176 | + "kind": "admin_to", |
106 | 177 | "properties": { |
107 | 178 | "reason": "elevated_permissions", |
108 | 179 | "confirmed": false |
|
117 | 188 | "match_by": "id", |
118 | 189 | "value": "network-42" |
119 | 190 | }, |
120 | | - "kind": "ConnectedTo", |
| 191 | + "kind": "connected_to", |
121 | 192 | "properties": null |
122 | 193 | } |
123 | 194 | ] |
|
0 commit comments