Columns

Label value for mapnode record.

Unique identifier for scantype record

Unique name for snmpaliasgroup record. Currently, Spectre has only one snmpaliasgroup name and is called common

Alias given for this credentials. This is the value that gets displayed on UI

Next hop for this route.

Y coordinate value for mapnode record.

Boolean indicating if given route is in targeted CIDR list for any collectors of this zone. Targeted CIDR list represents CIDRs set in Discovery Spaces => Target List table. Set to true if it is targeted, false otherwise

Value for protocol.

The IP Address of the device for which the attribute is saved.

The most recent time when a device has responded with given attribute. It gets updated with curren timestamp everytime device response is received for an attribute.

Id of a device this record belongs to. It maps to device.id

Array of vlans for given interface host. device->interface->switchInfo->vlans gets normalized here.

Id of pattern that contains a match for given device response record. It maps to profile.pattern.id

Parameters passed in for update target processing. Possible parameters are onlyDeletes and verification

Boolean flag indicating if given device is a forwarder. Set to true if it is forwarder, false otherwise.

Credentials for snmpalias record. Credentials are stored in following format. <version of credential(either v2 or v3)>:alias name:encoded credentials.

Id that denotes what type of attribute this record indicates. It maps to system.attributetype.id column. Example values for attributetypes - cifsName, sysDescr, serialNumber.

Id of pattern that contains a match for given profile type record. It maps to profile.pattern.id

Boolean flag indicating if given device responded to snmpDiscovery scan type. Set to true if it responded to snmpDiscovery, false otherwise.

The value for the system attribute

Unique identifier for device record

Zone Id for the certificatepath_pattern record

Value of protocol. Valid values are arp, udp, icmp, snmp, snmpv2, tcp, dns, http, https, cifs, dhcp

Boolean flag that indicates whether this device was discovered and has gone through any type of consolidation. Value of false means that the device was discovered and has not gone through any consolidation. Value of true means it was consolidated as part of another discovery.

Boolean indicating if given route is in internal CIDR list for this zone. Internal CIDR list represents CIDRs set in Zone Networks => Internal List.Set to true if it is internal, false otherwise

List of ports (if any) that constituted this response. For example, for cifs response, it will be set to 445, for host response coming from dns, it will be set to 53. This column is only populated for httpDetails, hostDiscovery and cifs. Device->response->ports get normalized in this column. It contains all the list of ports a device has received response from for a given scan type and protocol at any given point in time.

Id that denotes what type of attribute this record indicates. It maps to system.attributetype.id column. Example values for attributetypes - cifsName, sysDescr, ASName, SerialNumber, known, avoid. For complete list, please see system.attributetype table.

The most recent time when a device has responded with given alias. It gets updated with current timestamp everytime a device response is received for an SNMP alias.

A serial number that gets inserted each time a collector is given list of targets. It contains nextval('zone.target_batch_id').

Scan Type / Discovery Type Id for target record. It maps to zone.scantype.id

Unique name for portgroup record. Values for name are, common, vulnerable, infectious. Please note that at the moment only vulnerable and infectious groups are used in discovery.

Id of an attribute/value for given match record. It maps to profile.attribute. All values for profile.attribute comes from pattern->attribute value of patterns.xml

Height value for mapnode record.

Zone Id of a device record. Since zone.device table is a parent table for all partitioned (by zone_id) tables, same IP Address can be found while querying zone.device table for different zone_id. It maps to zone.id column

Id of interface that contains this interface host.

Id of attribute type. Maps to system.attributetype.id

Route for this interface_route record. Same value can be found from route.id for matching route_id but it is inserted here as a form of denormalization for faster data retrieval.

To Device Id for link record. It maps to zone.device.id.

Collector Id of a device this record belongs to. It maps to system.collector.id

Id of a device this record belongs to. It maps to device.id

Rootport of interface. It is normalized from device->interface->index->switchInfo->rootPort.

Indicates vendor of this device. For the most up to date and accurate vendor info, use device_match table.

Trunk of interface. It is normalized from device->interface->switchInfo->trunkPort.

Indicates devicetype of this device. For the most up to date and accurate devicetype info, use device_match table.

Zone Id of a device_certificate record. It maps to zone.id column

Description of interface. It is normalized from device->interface->description.

Id of a device this record belongs to. It maps to device.id

Unique identifier for snmpalias record

unique identifier for cloudalias record

A boolean flag that is set to true if pattern that matched is result of match against services. Services patterns are the ones that are based on certain ports being open. So, if we find open ports and they match with any patterns, port_match is set to true

Boolean flag indicating if given device responded to outboundLeak scan type. Set to true if it responded to outboundLeak, false otherwise.

Route Type id. Maps to zone.routetype.id

Indicates version of this device. For the most up to date and accurate version info, use device_match table.

Zone Id for linkset record. It maps to system.zone.id

Id of interface that contains this interface address.

Boolean flag set to true or false indicating if CIDR (in cidrval column) contains any device that has any responses recorded. Set to true if there is any entry in device_response for any device containing this CIDR record, false otherwise

Pattern Id for macvendor_pattern record. It maps to profile.pattern.id

Profiledata Id for profiledata_pattern record. It maps to zone.profiledata.id

Boolean flag indicating if given device is trusted for this zone. Set to true if trusted, false otherwise. By trusted, it means that the device is set under Zone->Zone Network->Eligible List.

Unique identifier for updatetargetspace_log record

MD5 hash of the (normalized) data column

Unique identifier for protocol record

Collector Id for target record. It maps to system.collector.id however, there is no foreign key relation specified for this column.

Used to store target speicfic metadata. It holds extra configuration values that are being used by collectors. A non null value indicates update and holds details column value from target table prior to update. A null value indicates that this record was an insert.

Vlan number.

Linkset Id for link record. It maps to zone.linkset.id. It identifies whether this link is host or node and whether it is representing layer2 link or layer3 link

Zone Id for interface address record.

Key represents collector configuration information. Each key is unique for a given collector_id and zone_id record. For specific scantype, the key is represented as . For example pathDiscovery.udp or snmpDiscovery.enabled

Device Id of MAC that is host for this interface.

Timestamp when given map node record was acknowledged. Set only if mapnode.acknowledged is set to true.

Boolean flag indicating if given device is targeted for this zone (as part of any collector). Set to true if targeted, false otherwise. By targeted, it means that the device is set under Zone->Discovery Spaces->Target List.

Time when update target was run for this reord

Alias for scantype that gets displayed on UI for Discovery Statistics By Discovery Types report.

Certificate text that is received in the response.

Alias given for this credentials. This is the value that gets displayed on UI

Id of a snmpalias this record belongs to. It maps to zone.snmpalias.id

MacVendor id for macvendor_pattern record. It maps to system.macvendor.id

Unique identifier for device response record

This column stores the value of the CIDR

Device Id for target record. It maps to zone.device.id however, there is no foreign key relation specified for this column.

Start date for the certificate

Zone Id of a device_cloudalias record. It maps to zone.id

Zone Id for snmpalias record. It maps to system.zone.id

Router Protocol id. Maps to zone.routerprotocol.id

Key value pairs with port number and timestamp when port was reported closed. Sample values - "21"=>"25048310", "23"=>"25048310", "25"=>"25048310"≠

IP address of interface.

Id of a device this record belongs to. It maps to device.id

Scan Type / Discovery Type Id for target record. It maps to zone.scantype.id however, there is no foreign key relation specified for this column.

Actual IP/CIDR that needs to be targeted. Having value in this record avoids extra joins with attribute_cidr, device or route tables.

Status message indicating start and completion for update target processing

Id of pattern that contains a match for given profile type record. It contains a non null value for all matches resulted from macvendor. It maps to system.macvendor.id

Unique identifier for attribute_cidr record

Timestamp of the last time this MAC/IP pairing was seen. This will be used to potentially time out the MAC address for this device (which might occur if the device picks up its address via DHCP and moves from one subnet to another on the network)

The most recent time when a device has responded with given WMI alias. It gets updated with current timestamp everytime a device response for WMI discovery is received for an alias.

CIDR Id for target record. For each target CIDR entry, there will be one entry for host/path for collector that has host or path configured. It maps to zone.attribute_cidr.id however, there is no foreign key relation specified for this column.

Boolean flag indicating if this map node has being acknowledged.

CIDR value for attribute_cidr record

Unique identifier for certificat record. It maps to zone.certificate.id

Zone Id of a device_attribute record. It maps to zone.id column

Parent Id of a device. parent child relationship is implemented with self join to device table. If this field is not null, it indicates that this device is a child device and device.id that matches up with this zone.device.device_id is parent of this child.

Timestamp when this record was created/updated.

Id of attribute value. Maps to zone.attribute.id

Id of attribute this mapping represents. It maps to zone.attribute.id

Zone Id for interface table entry

Iftable Id for iftable_vlan record. It maps to zone.iftable.id. There is a one to many relationship between iftable id and vlan hence same iftable id can have multiple records for different vlan info

Id for system attribute. This maps to system.attributetype.id

Zone Id of a device_ports record. It maps to zone.id

Timestamp when this record was created/updated.

Expiration date of the certificate

Unique identifier for certificatepath record

A Random value used to distribute targets. When collector requests next set of targets, query performs order by ordid before returning target list

Zone Id for interface host record.

Name of vlan

Unique identifier for device_values record

Indicates the type of CIDR. Default values are set as follows: type is set to target if CIDR belongs to Discovery Spaces => Target List type is set to avoid if CIDR belongs to Discovery Spaces => Avoid List type is set to stop if CIDR belongs to Discovery Spaces => Stop List type is set to trusted if CIDR belongs to Zone Networks => Eligible List type is set to known if CIDR belongs to Zone Networks => Known List type is set to internal if CIDR belongs to Zone Networks => Internal List type is set to user-defined Label when user adds a Custom Attribute

Not being used or populated.

Timestamp when this record was created/updated

Zone Id for route record. It maps to system.zone.id

AS Path for this route.

The raw (unnormalized) profile data

Zone Id of a device_wmialias record. It maps to zone.id

Content hash of interface data that is constructed by concatenating interface index, description, name, alias, adminstatus, opstatus, physical address, addresses, vlan, voicevlan, switchinto port, switchinfo rootport, switchinfo trunkport, switchinfo vlans, switchinfo hosts acrosss all incoming interface infomation. It is used to perform a check to decide if any further update on interface is needed or not. For an incoming response, if a hash in iftable machtes with response's hash but contenthash doesn't match, ( Any of the attributes that calculates content hash has changed since last time we got response ) appropariate updates to iftable, interface and interface_hosts are made, else that procesing is skipped. Contenthash will be empty when iftable entry represents device level route processing.

AdminStatus of interface. It is normalized from device->interface->adminStatus.

Value of discovered meta data/attribute.

Scan Type Id of a device this record belongs to. It maps to zone.scantype.id

Boolean flag indicating if given device has any responses recorded. Set to true if there is any entry in device_response for this device, false otherwise.

Zone Id for iftable_vlan record

Zone Id for cloudalias record. It maps to system.zone.id

AS Number for this route.

Zone Id for target record. It maps to system.zone.id however, there is no foreign key relation specified for this column.

Zone Id for profiledata_pattern record. It maps to system.zone.id

Protocol Id of a device this record belongs to. It maps to zone.protocol.id

Boolean flag indicating if given device is a perimeter device. Set to true if device is internal and contains a link to another device that is not internal, false otherwise.

Indicates number of layer2 hosts this device is connected to. In other words, there are l2hosts number of layer2 edges between this device and other devices that are hosts.

Unique identifier for target_shadow record

Boolean flag indicating if given device is known for this zone. Set to true if known, false otherwise. By known, it means that the device is set under Zone->Zone Network->Known List.

Width value for mapnode record.

Boolean indicating if given route is in eligible CIDR list for this zone. Eligible CIDR list represents CIDRs set in Zone Networks => Eligible List.Set to true if it is eligible, false otherwise

Timestamp a device was last observed. Timestamp refers to timestamp/timezone of database server. It gets updated each time a response is received for this device. Note: Each time a response is received and processed for a device, lastobserved gets current timestamp and active gets set to true.

Zone Id for interface_route record.

The normalized profile data. At least converted to lower case and non printable characters are deleted or escaped.

Id of route. It maps to zone.route.id

Number of records that got impacted by this run and action.

Collector Id. Maps to system.collector.id

Content Id for profiledatatype record.

Zone Id of a device_profiledata record. It maps to zone.id

Not being used.

unique identifier for wmialias record

Zone Id for profiledatatype record

The MAC Address of the device for which the attribute is saved.

Array of port numbers for given portgroup record.

Id for data referencing certificate issuer. It maps to zone.certificatepath.id

Indicates number of layer3 nodes this device is connected to. In other words, there are l3peers number of layer3 edges between this device and other devices that are not hosts.

Not being used or populated.

Internal scantype value that maps to scantype.type

Bridge address of an interface table. It is normalized from device->bridgeAddress. It will be null when iftable entry represents device level route processing.

Array of credentials for given snmpaliasgroup record.

List of all ports that are reported closed for a device. Please see table description for more information.

Used to order aliases, use the default, do not write directly

Unique identifier for target record

Zone Id for mapnode record. It maps to system.zone.id

Unique identifier for link record

Credentials for wmialias record. Credentials are stored in following format: alias name:domain:encoded credentials.

Indicates model of this device. For the most up to date and accurate model info, use device_match table.

Id for device record. It maps to zone.device.id

Indicates operating system of this device. For the most up to date and accurate operating system info, use device_match table.

Actual IP/CIDR that needs to be targeted. Having value in this record avoids extra joins with attribute_cidr, device or route tables.

Unique identifier for routetype record

Interface Id for iftable_vlan record. It maps to zone.interface.id

Value for route type.

Confidence for any given match record. It is derived from profile.pattern_attribute for matching pattern_id and type_id. It is stored in device_match to make fetching profile information avoiding lookup against pattern_attribute.

Not being used or populated.

Route Id for target record. It maps to zone.route.id however, there is no foreign key relation specified for this column.

Unique identifier for device_attribute record

Serial number of the certificate

Zone Id of a device_snmpalias record. It maps to zone.id

Id of interface table record that this device is associated to. A device having a non null value in this column is most likely a switch. iftable_id maps to zone.iftable.id

MAC address of a device. MAC and meta flag has to be unique within a zone.

Boolean flag indicating if given device is internal for this zone. Set to true if internal, false otherwise. By internal, it means that the device is set under Zone->Zone Network->Internal List.

Boolean flag indicating if given device responded to inboundLeak scan type. Set to true if it responded to inboundLeak, false otherwise.

CIDR Id for target record. For each target CIDR entry, there will be one entry for host/path for collector that has host or path configured. It maps to zone.attribute_cidr.id

Zone Id of a device_values record. It maps to zone.id

Zone Id for interface entry.

Action Items for mapnode record.

Zone Id for the config record

The most recent time when a device has responded with given cloud alias. It gets updated with current timestamp everytime a device response for cloud discovery is received for an alias.

Boolean flag indicating if given device responded to pathDiscovery scan type. Set to true if it responded to pathDiscovery, false otherwise.

Value for scan type.

Collector Id for snmpalias record. It maps to system.collector.id

layer this linkset record presents. Valid values are '2' and '3'. Entries will be inserted as and when link with layer2 and/or layer3 are discovered.

Id of a wmialias this record belongs to. It maps to zone.wmialias.id

Attribute Id for profiledatatype record.

Device Id for this node.

Time when a device response was received for given scan type and protocol.

Tag value for mapnode record.

Zone Id of an attribute record. It maps to system.zone.id column

This column shows the collector name and collector id for which the CIDR belongs to. It is represented as Collector name (collector id)

Timestamp when this record was created/updated

Not used.

A hash that uniquely identifes an interface table. It is constructed by concatenating all interface->physicaladdresses and interface->index with | and creating a hash out of it. For an incoming response, if a record with identity hash does not exist, new entry is inserted in iftable. If an entry is inserted while processing device level routes, hash is set to "device:"

Responding port (where applicable) for profiledata. Set to 0 for profile data types sysDescr, sysObjId and CIFS. Set to -1 for tcp (p0f). Set to the port that responded to this profiledata/banner for profile data type http (certificate)

Zone Id for the certificatepath record

Alias given for this credentials. This is the value that gets displayed on UI

Type of action this updatetargetspace_log record represents. Valid values are: insert, update, delete.

Zone Id for link record

Collector Id for wmialias record. It maps to system.collector.id

Not being used.

Signature type of the certificate. For example RSA(4096), EC

From Device Id for link record. It maps to zone.device.id.

Start value for this range record

Id of CIDR that represents device_attribute record. It is mainly populated for ASName attributetype but can be used for any attribute that would contain a cidr. It maps to system.attribute_cidr.id

Key value pairs with port number and timestamp when port was reported open. Sample values - "80"=>"25048454", "135"=>"25048454"

Unique identifier for certificate record

Name of interface. It is normalized from device->interface->name.

CIDR value for route

The name of the system attribute

Type for profiledatatype record. Valid values are, tcp, http, sysObjectID, sysDescr, cifs.

Bridge of interface. It is normalized from device->interface->switchInfo->bridge.

A metadata that further identifies a device, especially the ones that don't have IP Address or MAC address. Possible values include (but are not limited to) collector:* or stealth:*. When a stealth device is found, notation that is being used to populate identity is stealth:::. start is either c for collector, or a device id. end is either h for a host, or a device id. For collector, notation is collector:. It is a null allowed field and for most of the devices it is set to null.

IP Address of a device. It can either be IPv4 or IPv6 IP Address. The combination of IP Address and meta flag has to be unique within a zone. That allows same IP Address to be stitched to itself. In that case, child record will have meta flag set to false, while parent record with the same IP Address will have meta flag set to true

Zone Id of a device_match record. zone.device_match table is a parent table for all partitioned (by zone_id) zone_xxx.device_match tables. It maps to zone.id column

Type of the certificate. For example SHA256withRSA, SHA1withRSA

Id of certificatepath that this certificatepath matches. It maps to zone.certificatepath.id

Boolean indicating if given route is in known CIDR list for this zone. Known CIDR list represents CIDRs set in Zone Networks => Known List. Set to true if it is known, false otherwise

Vlan of interface. It is normalized from device->interface->vlan as well as device->interface->switchInfo->vlans. If switchInfo contains vlan, it will use that instead of interface->vlan.

Timestamp a device was first observed. Timestamp refers to timestamp/timezone of database server

Used to store target speicfic metadata. It holds extra configuration values that are being used by collectors.

Id of a profiledata this record refers to. It maps to zone.profiledata.id. One profiledata_id can be shared across multiple devices.

Route Id for target record. It maps to zone.route.id

Unique identifier for profiledatatype record

Unique identifier for interfacetable record

This column shows the zone name and zone id for which the CIDR belongs to. It is represented as zone name (zone id)

Indicates how or why of the last update for this. It only retains the reason for the last update that happened to this device. For example, when an interface table data is processed for the first time, IP Address for that interface data gets lastupdate set to iftable-dev, however, while processing later response, if we got another update, we will then set the lastupdate to later response code. Possible values are: ident-ins - This value will be set if device with given identity doesn't exist in db and incoming device does not have IP associated with it. This will be mostly be true for all stealth devices. As we discover them, we insert them in db with lastupdate set to ident-ins identip-ins - very similar to ident-ins, This value will be seen if device with given identity does not exist in db and incoming device contains an IP Address. This will be true for collector device identip-upd - This value will be set when a response comes in for collector or stealth and there is no device in db with that entity. However, since IP Address exists in the database, we update existing database device and set its last update to identip-upd iftable-dev - This value will be set when a device interface table data is processed, one IP Address gets picked from available interface addresses and entry is created in device table for that IP Address and lastupdate for that device gets set to iftable-dev (along with meta to be true and iftable_id to be interface table id for this interface data) intf-ip-ins - This value will be set when a device interface data is processed, entries in interface->addresses (these are interface IP Addresses) and interface->physicalAddress (these are interface macs) gets inserted as devices. Their lastupdate is set to intf-ip-ins and device_id is set to id of device for that interface table data intf-ip-upd - This value will be set when while processing device interface data, if entry exists in the database for either interface->addresses or interface->physicaladdress but assigned to different device, (device_id is not same as id of interface device that we are processing), device for this IP or MAC gets updated with lastupdate set to intf-ip-upd and device_id set to id of interface device that is getting processed if IP Address exists in the database that is also contained in interface->addresess, database entry for that IP gets updated with lastupdate set to intf-ip-upd and device_id set to id of interface device that is getting processed and null mac ip - This value will be set when a device is discovered for the first time layer2-hosts - This value will be set when all MAC addresses present in interface->switchInfo->hosts get inserted into device table with lastupdate set to layer2-hosts. are almost always devices with null ip macip-arp - This value will be set When a device interface data is processed, all ARP entries (present in device->interface->hosts (as MAC/IP pairs)), where both MAC or IP does not exist in the database, gets inserted in to device table (with few exceptions) with lastupdate set to macip-arp snm-cons-ip - This value will be set for the device if serial number is present in response attributes and IP Address does not exist in database (we don't stitch devices on serial number if they have an interface table) snm-cons-meta - This value will be set ff serial number is present in response attributes and IP Address that exists in database does not have any parent device_id associated with it, we create a parent device for the same IP and set last update to snm-cons-meta for this parent IP and set meta to true snmp-macip - There are few scenarios when a device.lastupdate gets set to snmp-macip: 1. When a device response contains ARP entries and for a given arp entry (MAC/IP pair), if device with either of the MAC address or IP Address does not exist in the database, a device entry is created with lastupdate set to snmp-macip - This is really synonymous to macip-arp and might need to change it to macip-arp 2. When a device response contains ARP entries and for a given arp entry (MAC/IP pair), if device exists in the database with IP that is in MAC/IP pair, however no device exists in the database with MAC from MAC/IP pair, and database device with IP does not have a MAC associated with it, that database device gets updated with MAC from arp entry and lastupdate is set to snmp-macip 3. When a device response contains ARP entries and for a given arp entry (MAC/IP pair), if two separate devices exist in the database (one with IP set to arp IP and another one with MAC set to arp MAC) and none of the devices in the database are consolidated (their device_id is null) and if IP device in database also has a MAC (different then the one in arp entry), update database device with arp IP and set its IP Address to null and lastupdate to snmp-macip and ident set to "unassigned:" (Side note: Device in database with arp MAC gets updated and its IP is set to arp IP) snmp-macip-assign snmp-macip-reassign

Boolean indicating whether this linkset record refers to hosts or nodes. Set to true for hosts, false otherwise.

Used to order aliases, use the default, do not write directly

Unique identifier for mapnode record

Pattern Id for profiledatatype record

Unique identifier for route record

Timestamp when this route record was created/updated

Zone Id of a device_pattern record. It maps to zone.id column

Id of a device this attribute belongs to. It maps to device.id

Type for profiledatatype record. Valid values are, tcp, http, sysObjectID, sysDescr, cifs.

List of all ports that are reported open for a device. Please see table description for more information.

Id of map this mapnode record refers to.

Zone Id for updatetargetspace_log record.

Collector Id for this config record. It maps to system.collector.id

Newattribute Id for profiledatatype record.

Id of macvendor of a device. It maps to system.macvendor.id

Id of a device this record belongs to. It maps to device.id

Collector Id for target record. It maps to system.collector.id

X coordinate value for mapnode record.

Pattern Id for profiledata_pattern record. It maps to profile.pattern.id

Id of a device this pattern match belongs to. It maps to device.id

Zone Id for target record. It maps to system.zone.id.

Id of pattern that contains a match for given profile type record. It contains a non null value for all matches resulted from http (certificate). It maps to zone.certificatepath.id

Id of profiledata that is matched against this device and pattern record. It maps to zone.profiledata.id. It contains a non null value for all matches resulted from snmp (sysDescr, sysObj), CIFS, tcp (p0f) responses.

Indicates number of layer2 nodes this device is connected to. In other words, there are l2peers number of layer2 edges between this device and other devices that are not hosts.

Unique identifier for routeprotocol record

Id of a profiledata type this record refers to. It maps to zone.profiledatatype.id. Valid values for zone.profiledatatype.type are sysDescr, sysObjectID, tcp, http, cifs.

Id for value of the system attribute. This maps to zone.attribute.attributetype_id

Index of interface. It is normalized from device->interface->index.

Has this route been withdrawn by the discovering routing protocol (currently only BGP supports this)

Id of the device for which the attribute is saved.

Optstatus of interface. It is normalized from device->interface->opstatus.

Version of the certificate

Port of interface. It is normalized from device->interface->switchInfo->port.

Unique identifier for profiledatatype record

Unique identifier for config record

Alias of interface. It is normalized from device->interface->alias.

Id of pattern that this certificatepath matches. It maps to profile.pattern.id

Unique identifier for interface_address record.

Device Id for target record. It maps to zone.device.id

Not being used or populated.

Used to store target speicfic metadata. It holds extra configuration values that are being used by collectors.

Asset Reference value for mapnode record.

Timestamp when this target was picked up by a collector last. It is set to null when it is yet to be picked up. When collector asks for next set of records, records with null last_target will get picked up first. If value is non null, targets will be picked up if time elapsed since last_update is greater than rescan interval of a collector.

Zone Id of a device_response record. It maps to zone.id

Zone Id for attribute_cidr record

Boolean flag that is set to true each time when a device is discovered and when a response is received for that device. It is set to false when no response is received for the device for 3 consecutive rescan intervals

Id of a profile type for given match record. It maps to profile.type. Valid values for profile.type are Device Type, OS, Model, Version, Vendor

Used to order aliases, use the default, do not write directly

Unique identifier for interfacetable record.

Unique identifier for attribute record

Id of a device this record belongs to. It maps to device.id

Indicates the attribute value when user adds a Custom Attribute

Id for data referencing certificate subject. It maps to zone.certificatepath.id

Zone Id for the certificate record

Indicates number of layer3 hosts this device is connected to. In other words, there are l3hosts number of layer3 edges between this device and other devices that are hosts.

Not being used.

Collector Id for cloudalias record. It maps to system.collector.id

Id of a device this attribute belongs to. It maps to device.id

Physical address of interface. It is normalized from device->interface->physicalAddress.

Credentials for cloudalias record. Credentials are stored in following format: <cloud provider for credential(aws)>:alias name:encoded credentials.

End value for this range record

Unique identifier for linkset record

Zone Id for wmialias record. It maps to system.zone.id

Timestamp when this route was first seen. If the route is expired out and recreated, this will be the timestamp from when we last created it.

Unique identifier for interface_route record.

Configuration value for a given key, within a collector and zone

Id of a cloudalias this record belongs to. It maps to zone.cloudalias.id

Id of a device this record belongs to. It maps to device.id