Home
Resources
N2OS Software Development Kit
The N2OS Software Development Kit (SDK).
Data model reference
The data model reference for query entities.
asset_cves
View of Node Common Vulnerability and Exposures (CVE) grouped by CVE and asset.

Resources
- Release Notes
  Access the release notes for release-based products.
- N2OS Configuration
  The N2OS Configuration - Reference Guide.
- N2OS Software Development Kit
  The N2OS Software Development Kit (SDK).
  - Scriptable protocols
    The Lua scripting API for building a custom protocol decoder.
  - Scriptable variables
    The scriptable variables correlation feature allows users to implement custom checks on the way variable values change over time. This section covers how such scripts can be implemented and used.
  - OpenAPI
    The scriptable variables correlation feature allows users to implement custom checks on the way variable values change over time. This section covers how such scripts can be implemented and used.
  - Data model reference
    The data model reference for query entities.
    - alerts
      A list of alerts that Guardian raises.
    - appliances
      This query source contains information about the sensors connected to the current CMC or Guardian.
    - assertions
      An assertion represents an automatic check against other query sources.
    - assets
      Assets represent a local, physical system, and can be composed of one or more nodes.
    - asset_cves
      View of Node Common Vulnerability and Exposures (CVE) grouped by CVE and asset.
    - captured_logs
      Logs captured passively over the network.
    - captured_urls
      URLs and other protocol calls found in the network. Access to files, requests to DNS, requested URLs and others are available in this query source.
    - function_codes
      Function codes used in the environment.
    - health_log
      Health-related events about the system - like high resource utilization or hardware-related issues or events.
    - link_events
      Events that can occur on a link, including being available or not.
    - links
      Links are protocol relations between two nodes with a specific protocol. They model the interaction between nodes.
    - node_cpe_changes
      When a Common Platform Enumeration (CPE) updates, it creates an entry in this query source to track software updates or to detect software.
    - node_cpes
      Lists Common Platform Enumerations (CPEs), that is software or components connected to a specific node in the system.
    - node_cves
      Vulnerabilities are matched against current CVEs.
    - node_points
      Data points are polled via Smart Polling from monitored nodes.
    - nodes
      A list of nodes, where a node is an L2 or L3 or other entity able to speak some protocol.
    - report_files
      Generated reports available for consultation.
    - sessions_history
      Archived sessions.
    - sessions
      Live, mostly open, sessions between nodes. A session is a specific application-level connection between nodes. A link can hold one or more sessions at a given time.
    - variable_history
      History of values for variables, where history has been enabled.
    - variables
      Variables extracted via DPI from the monitored system.
  - Data integration best practices
    A description of best practices when using Nozomi Networks data integration with Syslog integration or OpenAPI calls.
- Integration Guides
  Integration guides to help you use applications that integrate with Nozomi Networks products.
- Reference Guides
  Additional reference guides with information on items such as Alerts and Incidents and Federal Information Processing Standards (FIPS).
- Quick Start Guides
  Hardware Quick Start Guides.
- Security
  Stay up-to-date with the most recent information and solutions for all vulnerabilities that affect Nozomi Networks products.
- Print format documentation
  A list of all the technical documentation that is available in print format.
- Documentation archive
  Access previous versions of the technical documentation.

asset_cves

View of Node Common Vulnerability and Exposures (CVE) grouped by CVE and asset.


asset_id	The identifier (ID) of the vulnerable asset
cve	Common Vulnerabilities and Exposures (CVE) ID
cwe_id	Vulnerability category ID
cwe_name	Vulnerability category name
creation_time	Timestamp for creation of the vulnerability
epss_score	The EPSS score assigned to the CVE
id	Primary key for this query source
is_kev	Status of Known Exploited Vulnerability
latest_hotfix	Latest and most complete hotfix to install to solve the related CVE (only relevant for Microsoft Windows assets)
likelihood	Value between 0.1 and 1.0, where 1.0 represents the maximum likelihood that the CVE is present
matching_cpes	List of Common Platform Enumeration (CPE)s that lead to assigning the vulnerability to this node
minimum_hotfix	Minimum hotfix to install to solve the related CVE (only relevant for Microsoft Windows assets)
name	Labels of the vulnerable nodes
nodes	List of vulnerable nodes belonging to the same asset
references	List of references to external websites providing extra information about the vulnerability
resolved	Whether or not the vulnerability has been resolved by an installed patch (only relevant for Microsoft Windows assets)
score	CVSS (Common Vulnerability Scoring System) score assigned to this CVE
source	Entity that provided the original information about the vulnerability
summary	Description of the vulnerability
time	Timestamp (in epoch milliseconds) at which the vulnerability has been found on the network node in the user's environment
update_time	Timestamp for when this vulnerability was last updated