Record Data type

classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

Record Data type

Jayson Henkel
Hi Guys,

I am wondering if I can use the record data type to  represent vulnerability information within my Website inventory media wiki.

Background, I am trying to purpose an SMW as a website inventory program for a large telco.

So far I'm capturing ownership information, criticality, registrar and various dates, turn up, decommission etc.

I was wondering if I could drive webscanner vulnerability data into the wiki using the "Record" data type.
Ideally we'd want to be able to slice and dice this information as well.

Right now my wiki is setup as

A page is a url eg. The page is www.example.com<http://www.example.com>

I'd like to be able to have all the various administrative telemetry in there but perhaps in a table have, (I hope 7 fields is ok, I heard there's a suggested limit of 5)

Vulnerability Data:

Vulnerability ID, Finding Date, Criticality, Common Weakness Enumeration (CWE ID ), Common Vulnerability  Enumeration (CVE ID), Vulnerability Finding Info, Remediated Flag

There might be multiple entries on a single page and would ideally just be additional rows.

I'd like to then be able to query on a global level the # of sites with vulnerabilities of X criticality , discovered before X date, Sites with the vulnerabilities not fixed (remediated flag not set)


Is this possible, or is it a really complex undertaking?


Thanks
Jayson


------------------------------------------------------------------------------
Site24x7 APM Insight: Get Deep Visibility into Application Performance
APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
Monitor end-to-end web transactions and take corrective actions now
Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=267308311&iu=/4140
_______________________________________________
Semediawiki-user mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/semediawiki-user
Reply | Threaded
Open this post in threaded view
|

Re: Record Data type

Krabina Bernhard
Dear Jayson,

it is possible, but I would recommend two things:

1) If you want to use n-ary relations, I would not use the record datatype but the extension "Semantic Internal Objects". It has more flexibility that the record datatype.

2) Also, to make things easier, I would avoid n-ary relations as much as possible. Why not do it like this:

category:pages
--------------
keep your pages about URLS with your basic information (ownership information, criticality, registrar and various
dates, turn up, decommission etc.)

category:vulnerability (so each vulnerability will also be a seperate page)
----------------------
Vulnerability ID, Finding Date, Criticality, Common Weakness Enumeration (CWE ID), Common Vulnerability  Enumeration (CVE ID), Vulnerability Finding Info,
Remediated Flag

now you have to link these two together: either you add a property "Vulnerability ID" to the category pages. So you can just add a field where you put one or several Vulnerabilty IDs that the pages have.
or you do it the other way around: add a property "URL" to the cateogry:vulnerability where you add pages that have the mentioned vulnerability.

cheers,
Bernhard

----- Am 20. Jan 2016 um 23:43 schrieb Jayson Henkel [hidden email]:

> Hi Guys,
>
> I am wondering if I can use the record data type to  represent vulnerability
> information within my Website inventory media wiki.
>
> Background, I am trying to purpose an SMW as a website inventory program for a
> large telco.
>
> So far I'm capturing ownership information, criticality, registrar and various
> dates, turn up, decommission etc.
>
> I was wondering if I could drive webscanner vulnerability data into the wiki
> using the "Record" data type.
> Ideally we'd want to be able to slice and dice this information as well.
>
> Right now my wiki is setup as
>
> A page is a url eg. The page is www.example.com<http://www.example.com>
>
> I'd like to be able to have all the various administrative telemetry in there
> but perhaps in a table have, (I hope 7 fields is ok, I heard there's a
> suggested limit of 5)
>
> Vulnerability Data:
>
> Vulnerability ID, Finding Date, Criticality, Common Weakness Enumeration (CWE ID
> ), Common Vulnerability  Enumeration (CVE ID), Vulnerability Finding Info,
> Remediated Flag
>
> There might be multiple entries on a single page and would ideally just be
> additional rows.
>
> I'd like to then be able to query on a global level the # of sites with
> vulnerabilities of X criticality , discovered before X date, Sites with the
> vulnerabilities not fixed (remediated flag not set)
>
>
> Is this possible, or is it a really complex undertaking?
>
>
> Thanks
> Jayson
>
>
> ------------------------------------------------------------------------------
> Site24x7 APM Insight: Get Deep Visibility into Application Performance
> APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
> Monitor end-to-end web transactions and take corrective actions now
> Troubleshoot faster and improve end-user experience. Signup Now!
> http://pubads.g.doubleclick.net/gampad/clk?id=267308311&iu=/4140
> _______________________________________________
> Semediawiki-user mailing list
> [hidden email]
> https://lists.sourceforge.net/lists/listinfo/semediawiki-user

------------------------------------------------------------------------------
Site24x7 APM Insight: Get Deep Visibility into Application Performance
APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
Monitor end-to-end web transactions and take corrective actions now
Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=267308311&iu=/4140
_______________________________________________
Semediawiki-user mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/semediawiki-user
Reply | Threaded
Open this post in threaded view
|

Re: Record Data type

thingles
In addition to what Krabina highlights on use of categories I would also strongly recommend that you look at additional namespaces as well as subpages.

I would consider the n records you have for a site to each be a subpage of that site. This allows the data to be managed independently, and also aligns talk pages nicely with each record.

The vulnerabilities I would consider putting in their own namespace so that they are isolated from everything else.

Jamie

> On Jan 21, 2016, at 2:58 AM, Krabina Bernhard <[hidden email]> wrote:
>
> Dear Jayson,
>
> it is possible, but I would recommend two things:
>
> 1) If you want to use n-ary relations, I would not use the record datatype but the extension "Semantic Internal Objects". It has more flexibility that the record datatype.
>
> 2) Also, to make things easier, I would avoid n-ary relations as much as possible. Why not do it like this:
>
> category:pages
> --------------
> keep your pages about URLS with your basic information (ownership information, criticality, registrar and various
> dates, turn up, decommission etc.)
>
> category:vulnerability (so each vulnerability will also be a seperate page)
> ----------------------
> Vulnerability ID, Finding Date, Criticality, Common Weakness Enumeration (CWE ID), Common Vulnerability  Enumeration (CVE ID), Vulnerability Finding Info,
> Remediated Flag
>
> now you have to link these two together: either you add a property "Vulnerability ID" to the category pages. So you can just add a field where you put one or several Vulnerabilty IDs that the pages have.
> or you do it the other way around: add a property "URL" to the cateogry:vulnerability where you add pages that have the mentioned vulnerability.
>
> cheers,
> Bernhard
>
> ----- Am 20. Jan 2016 um 23:43 schrieb Jayson Henkel [hidden email]:
>
>> Hi Guys,
>>
>> I am wondering if I can use the record data type to  represent vulnerability
>> information within my Website inventory media wiki.
>>
>> Background, I am trying to purpose an SMW as a website inventory program for a
>> large telco.
>>
>> So far I'm capturing ownership information, criticality, registrar and various
>> dates, turn up, decommission etc.
>>
>> I was wondering if I could drive webscanner vulnerability data into the wiki
>> using the "Record" data type.
>> Ideally we'd want to be able to slice and dice this information as well.
>>
>> Right now my wiki is setup as
>>
>> A page is a url eg. The page is www.example.com<http://www.example.com>
>>
>> I'd like to be able to have all the various administrative telemetry in there
>> but perhaps in a table have, (I hope 7 fields is ok, I heard there's a
>> suggested limit of 5)
>>
>> Vulnerability Data:
>>
>> Vulnerability ID, Finding Date, Criticality, Common Weakness Enumeration (CWE ID
>> ), Common Vulnerability  Enumeration (CVE ID), Vulnerability Finding Info,
>> Remediated Flag
>>
>> There might be multiple entries on a single page and would ideally just be
>> additional rows.
>>
>> I'd like to then be able to query on a global level the # of sites with
>> vulnerabilities of X criticality , discovered before X date, Sites with the
>> vulnerabilities not fixed (remediated flag not set)
>>
>>
>> Is this possible, or is it a really complex undertaking?
>>
>>
>> Thanks
>> Jayson
>>
>>
>> ------------------------------------------------------------------------------
>> Site24x7 APM Insight: Get Deep Visibility into Application Performance
>> APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
>> Monitor end-to-end web transactions and take corrective actions now
>> Troubleshoot faster and improve end-user experience. Signup Now!
>> http://pubads.g.doubleclick.net/gampad/clk?id=267308311&iu=/4140
>> _______________________________________________
>> Semediawiki-user mailing list
>> [hidden email]
>> https://lists.sourceforge.net/lists/listinfo/semediawiki-user
>
> ------------------------------------------------------------------------------
> Site24x7 APM Insight: Get Deep Visibility into Application Performance
> APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
> Monitor end-to-end web transactions and take corrective actions now
> Troubleshoot faster and improve end-user experience. Signup Now!
> http://pubads.g.doubleclick.net/gampad/clk?id=267308311&iu=/4140
> _______________________________________________
> Semediawiki-user mailing list
> [hidden email]
> https://lists.sourceforge.net/lists/listinfo/semediawiki-user


------------------------------------------------------------------------------
Site24x7 APM Insight: Get Deep Visibility into Application Performance
APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
Monitor end-to-end web transactions and take corrective actions now
Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=267308311&iu=/4140
_______________________________________________
Semediawiki-user mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/semediawiki-user