Understanding the reporting data model: Dimensions

Data model 2.0.0 exposes information about linking assets across sites. All previous information is still available, and in the same format. As of data model 2.0.0, there is a sites column in the dim_asset dimension that lists the sites to which an asset belongs.

Junk Scope Dimensions

The following dimensions are provided to allow the report designer access to the specific configuration parameters related to the scope of the report, including vulnerability filters.

dim_pci_note

dim_pci_note

Description: Dimension for the text descriptions of PCI special notes.

Type: junk

ColumnData TypeNullableDescriptionAssociated Dimension
pci_note_idintegerNoThe code that represents the PCI note description
pci_note_texttextNoThe text detailing the PCI special note
dim_scope_asset

dim_scope_asset

Description: Provides access to the assets specifically configured within the configuration of the report. This dimension will contain a record for each asset selected within the report configuration.

Type: junk

ColumnData TypeNullableDescriptionAssociated Dimension
asset_idbigintNoThe identifier of the asset
dim_scope_asset_group

dim_scope_asset_group

Description: Provides access to the asset groups specifically configured within the configuration of the report. This dimension will contain a record for each asset group selected within the report configuration.

Type: junk

ColumnData TypeNullableDescriptionAssociated Dimension
asset_group_idbigintNoThe identifier of the asset group
dim_scope_filter_vulnerability_category_include

dim_scope_filter_vulnerability_category_include

Description: Provides access to the names of the vulnerability categories that are configured to be included within the scope of the report. One record will be present for every category that is included. If no vulnerability categories are enabled for inclusion, this dimension table will be empty.

Type: junk

ColumnData TypeNullableDescriptionAssociated Dimension
nametextNoThe name of the vulnerability categorydim_vulnerability_category
dim_scope_filter_vulnerability_severity

dim_scope_filter_vulnerability_severity

Description: Provides access to the severity filter enabled within the report configuration. The severity filter is exposed as the maximum severity score a vulnerability can have to be included within the scope of the report. This dimension is guaranteed to only have one record. If no severity filter is explicitly enabled, the minimum severity value will be 0.

Type: junk

ColumnData TypeNullableDescriptionAssociated Dimension
min_severitynumeric (2)NoThe minimum severity that a vulnerability must have to be included in the scope of the report. If no filter is applied to severity, defaults to 0.dim_vulnerability_category
severity_descriptiontextNoA human-readable description of the severity filter that is enabled.
dim_scope_filter_vulnerability_status

dim_scope_filter_vulnerability_status

Description: Provides access to the vulnerability status filters enabled within the configuration of the report. A record will be present for every status filter that is enabled, and is guaranteed to have between a minimum one and maximum three statuses enabled.

Type: junk

ColumnData TypeNullableDescriptionAssociated Dimension
status_idcharacter(1)NoThe identifier of the vulnerability statusdim_vulnerability_status
dim_scope_policy

dim_scope_policy

Description: This is the dimension for all policies within the scope of the report. It contains one record for every policy defined in the report scope. If none has been defined, it contains one record for every policy that has been scanned with at least one asset in the scope of the report.

Type: slowly changing (Type I)

ColumnData TypeNullableDescriptionAssociated Dimension
policy_idbigintNoThe identifier of the policy.
scopetextNoThe identifier for scope of policy. Policies that are automatically available have "Built-in" scope, whereas policies created by users have scope as "Custom".
dim_scope_scan

dim_scope_scan

Description: Provides access to the scans specifically configured within the configuration of the report. This dimension will contain a record for each scan selected within the report configuration.

Type: junk

ColumnData TypeNullableDescriptionAssociated Dimension
scan_idbigintNoThe identifier of the asset scan.dim_scan
dim_scope_site

dim_scope_site

Description: Provides access to the sites specifically configured within the configuration of the report. This dimension will contain a record for each site selected within the report configuration.

Type: junk

ColumnData TypeNullableDescriptionAssociated Dimension
site_idintegerNoThe identifier of the site.dim_site

Core Entity Dimensions

Assets

dim_asset

dim_asset

Description: Dimension that provides access to the textual information of all assets configured to be within the scope of the report. Only the information from the most recent scan of each asset is used to provide an accumulating summary. There will be one record in this dimension for every single asset in scope, including assets specified through configuring scans, sites, or asset groups to be within scope.

Type: slowly changing (Type I)

ColumnData TypeNullableDescriptionAssociated Dimension
asset_idbigintNoThe identifier of the asset.
mac_addressmacadrYesThe primary MAC address of the asset. If an asset has had no MAC address identified, the value will be null. If an asset has multiple MAC addresses, the primary or best address is selected.
ip_addressinetNoThe primary IP address of the asset. If an asset has multiple IP addresses, the primary or best address is selected. The IP address may be an IPv4 or IPv6 address.
host_nametextYesThe primary host name of the asset. If an asset has had no host name identified, the value will be null . If an asset has multiple host names, the primary or best address is selected. If the asset was scanned as a result of configuring the site with a host name target, that name will be guaranteed to be selected ss the primary host name.
operating_system_idbigintNoThe identifier of the operating system fingerprint with the highest certainty on the asset. If the asset has no operating system fingerprinted, the value will be -1.dim_operating_system
host_type_idintegerNoThe identifier of the type of host the asset is classified as. If the host type could not be detected, the value will be -1.dim_host_type
sitestextNoComma-separated list of site names.
last_assessed_for_vulnerabilitiestimestamp without time zoneYesThe time at which the asset was last scanned for vulnerabilities. If the asset has never been scanned for vulnerabilities, the value will be null.
dim_asset_file

dim_asset_file

Description: Dimension for files and directories that have been enumerated on an asset. Each record represents one file or directory discovered on an asset. If an asset has no files or groups enumerated, there will be no records in this dimension for the asset.

Type: slowly changing (Type I)

ColumnData TypeNullableDescriptionAssociated Dimension
asset_idbigintNoThe identifier of the asset.dim_asset
file_idbigintNoThe identifier of the file or directory.
typetextNoThe type of item: Directory, File, or Unknown.
nametextNoThe name of the file or directory.
sizebigintNoThe size of the file or directory in bytes. If the size is unknown, the value will be -1.
dim_asset_group_account

dim_asset_group_account

Description: Dimension that provides the group accounts detected on an asset during the most recent scan of the asset.

Type: slowly changing (Type I)

ColumnData TypeNullableDescriptionAssociated Dimension
asset_idbigintNoThe identifier of the asset.dim_asset
nametextNoThe name of the group detected.
dim_asset_group

dim_asset_group

Description: Dimension that provides access to the asset groups within the scope of the report. There will be one record in this dimension for every asset group which any asset in the scope of the report is associated to, including assets specified through configuring scans, sites, or asset groups.

Type: slowly changing (Type I)

ColumnData TypeNullableDescriptionAssociated Dimension
asset_group_idintegerNoThe identifier of the asset group.
nametextNoThe name of the asset group.
descriptiontextYesThe optional description of the asset group. If no description is specified, the value will be null.
dynamic_membershipbooleanNoIndicates whether the membership of the asset group is computed dynamically using a dynamic asset filter, or is static (true if this group is a dynamic asset group).
dim_asset_group_asset

dim_asset_group_asset

Description: Dimension that provides access to the relationship between an asset group and its associated assets. For each asset group membership of an asset there will be a record in this table.

Type: slowly changing (Type I)

ColumnData TypeNullableDescriptionAssociated Dimension
asset_group_idintegerNoThe identifier of the asset group.dim_asset_group
asset_idbigintNoThe identifier of the asset that belongs to the asset group.dim_asset
dim_asset_host_name

dim_asset_host_name

Description: Dimension that provides all primary and alternate host names for an asset. Unlike the dim_asset dimension, this dimension will provide detailed information for the alternate host names detected on the asset. If an asset has no known host names, a record with an unknown host name will be present in this dimension.

Type: slowly changing (Type I)

ColumnData TypeNullableDescriptionAssociated Dimension
asset_idbigintNoThe identifier of the asset.dim_asset
host_nametextNoThe host name associated to the asset, or 'Unknown' if no host name is associated with the asset.
source_type_idcharacter(1)NoThe identifier of the type of source which was used to detect the host name, or '-' if no host name is associated with the asset.dim_host_name_source_type
dim_asset_ip_address

dim_asset_ip_address

Description: Dimension that provides all primary and alternate IP addresses for an asset. Unlike the dim_asset dimension, this dimension will provide detailed information for the alternate IP addresses detected on the asset. As each asset is guaranteed to have at least one IP address, this dimension will contain at least one record for every asset in the scope of the report.

Type: slowly changing (Type I)

ColumnData TypeNullableDescriptionAssociated Dimension
asset_idbigintNoThe identifier of the asset.dim_asset
ip_addressinetNoThe IP address associated to the asset
typetextNoA description of the type of the IP address, either of the values: “IPv6” or “IPv4”.
dim_asset_mac_address

dim_asset_mac_address

Description: Dimension that provides all primary and alternate MAC addresses for an asset. Unlike the dim_asset dimension, this dimension will provide detailed information for the alternate MAC addresses detected on the asset. If an asset has no known MAC addresses, a record with null MAC address will be present in this dimension.

Type: slowly changing (Type I)

ColumnData TypeNullableDescriptionAssociated Dimension
asset_idbigintNoThe identifier of the asset the MAC address was detected on.dim_asset
mac_addressmacaddrYesThe MAC address associated to the asset, or null if the asset has no known MAC address.
dim_asset_operating_system

dim_asset_operating_system

Description: Dimension that provides the primary and all alternate operating system fingerprints for an asset. Unlike the dim_asset dimension, this dimension will provide detailed information for all operating system fingerprints on an asset. If an asset has no known operating system, a record with an unknown operating system fingerprint will be present in this dimension.

Type: slowly changing (Type I)

ColumnData TypeNullableDescriptionAssociated Dimension
asset_idbigintNoThe identifier of the asset.dim_asset
operating_system_idbigintNoThe identifier of the operating system, or -1 if there is no known operating system.dim_operating_system
fingerprint_source_idintegerNoThe source which was used to detect the operating system fingerprint, or -1 if there is no known operating system.dim_fingerprint_source
certaintyrealNoA value between 0 and 1 indicating the confidence level of the fingerprint. The value is 0 if there no known operating system.
dim_asset_scan

dim_asset_scan

Description: Dimension for the relationship between an asset and a scan, for all scans and assets within the scope of the report. A record will be present for each scan of each asset, with the time at which the scan started and completed on the asset.

Type: slowly changing (Type I)

ColumnData TypeNullableDescriptionAssociated Dimension
scan_idbigintNoThe unique identifier of the scan.dim_scan
asset_idbigintNoThe identifier of the asset.dim_asset
scan_startedtimestamp without time zoneNoThe time at which the asset was first scanned in the scan. The timestamp is converted into the timezone specified within the report configuration.
scan_finishedtimestamp without time zoneNoThe time at which the asset completed scanning in each scan. The timestamp is converted into the timezone specified within the report configuration.
match_valuerealYesA value indicating the confidence with which this asset was correlated to an existing asset during a scan.
dim_asset_service

dim_asset_service

Description: Dimension that provides the services detected on an asset during the most recent scan of the asset. If an asset had no services enumerated during the scan, there will be no records in this dimension.

Type: slowly changing (Type I)

ColumnData TypeNullableDescriptionAssociated Dimension
asset_idbigintNoThe identifier of the asset.dim_asset
service_idintegerNoThe identifier of the service.dim_service
protocol_idsmallintNoThe identifier of the protocol.dim_protocol
portintegerNoThe port on which the service is running.
service_fingerprint_idbigintNoThe identifier of the fingerprint for the service, or -1 if a fingerprint is not available.dim_service_fingerprint
certaintyrealNoA value between 0 and 1 indicating the confidence level of the fingerprint. The value is 0 if there no known operating system.
dim_asset_service_configuration

dim_asset_service_configuration

Description: Dimension that provides the most recent configurations that have been detected on the services of an asset during the latest scan of that asset. Each record represents a configuration value that has been detected on a service (e.g., banner and header values). If an asset has no services detected on it, there will be no records for the asset in the dimension.

Type: slowly changing (Type I)

ColumnData TypeNullableDescriptionAssociated Dimension
asset_idbigintNoThe identifier of the asset.dim_asset
service_idintegerNoThe identifier of the service.dim_service
nametextNoThe name of the configuration value.
valuetextYesThe configuration value, which may be empty or null.
portintegerNoThe port on which the service was running.
dim_asset_service_credential

dim_asset_service_credential

Description: Dimension that presents the most recent credential statuses asserted for services on an asset in the latest scan.

Type: slowly changing

ColumnData TypeNullableDescriptionAssociated Dimension
asset_idbigintNoThe identifier of the asset.dim_asset
service_idintegerNoThe identifier of the service.dim_service
credential_status_idsmallintNoThe identifier of the credential status for the service credential.dim_credential_status
protocol_idsmallintNoThe identifier of the protocol of the service.dim_protocol
portintegerNoThe port on which the service was running.
dim_asset_socket_details

dim_asset_socket_details

Description: Dimension that provides socket listener information detected on an asset during the most recent scan of the asset.

Type: slowly changing (Type I)

ColumnData TypeNullableDescriptionAssociated Dimension
ip_addresstextNoThe IPv4 address associated with this asset.
asset_idbigintNoThe identifier of the asset.dim_asset
listening_porttextNoThe socket's listening port
binding_addresstextNoThe socket's bound address
process_nametextNoThe process bound to this socket's listening port.
dim_asset_software

dim_asset_software

Description: Dimension that provides the software enumerated on an asset during the most recent scan of the asset. If an asset had no software packages enumerated during the scan, there will be no records in this dimension.

Type: slowly changing (Type I)

ColumnData TypeNullableDescriptionAssociated Dimension
asset_idbigintNoThe identifier of the asset.dim_asset
software_idbigintNoThe identifier of the software packagedim_software
fingerprint_source_idintegerNoThe source which was used to detect the software.dim_fingerprint_source
dim_asset_unique_id

dim_asset_unique_id

Description: Dimension for the most current unique identifiers of every asset. Each record represents a unique identifier enumerated on the asset. If an asset has no unique identifiers, a record will not be present in this dimension. An asset may have more than one unique identifier enumerated.

ColumnData TypeNullableDescriptionAssociated Dimension
asset_idbigintNoThe identifier of the asset.dim_asset
sourcetextNoThe source of the unique identifier, usually describing the mechanism used to acquire the unique ID.
unique_idtextNoThe unique identifier of the asset.
dim_asset_user_account

dim_asset_user_account

Description: Dimension that provides the user accounts detected on an asset during the most recent scan of the asset.

Type: slowly changing (Type I)

ColumnData TypeNullableDescriptionAssociated Dimension
asset_idbigintNoThe identifier of the asset.dim_asset
nametextYesThe short, abbreviated name of the user account, which may be null.
full_nametextYesThe longer full name of the user account, which may be null.
dim_asset_vulnerability_solution

dim_asset_vulnerability_solution

Description: Dimension that provides access to what solutions can be used to remediate a vulnerability on an asset. Multiple solutions may be selected as the means to remediate a vulnerability on an asset. This occurs when multiple solutions can be chosen from to remediate a vulnerability. The solutions provided represent only the direct solutions associated with the vulnerability. To view the single best rollup recommended solution, use dim_asset_vulnerability_best_solution instead.

Type: slowly changing (Type I)

ColumnData TypeNullableDescriptionAssociated Dimension
asset_idbigintNoThe identifier of the asset.dim_asset
vulnerability_idintegerNoThe identifier of the vulnerability.dim_vulnerability
solution_idintegerNoThe surrogate identifier of the solution that may be used to remediate the vulnerability on the asset.dim_solution
dim_asset_vulnerability_best_solution

dim_asset_vulnerability_best_solution

Description: Dimension that provides access to the best solution that is recommended to remediate a vulnerability on an asset.

Type: slowly changing (Type I)

ColumnData TypeNullableDescriptionAssociated Dimension
asset_idbigintNoThe identifier of the asset.dim_asset
vulnerability_idintegerNoThe identifier of the vulnerability.dim_vulnerability
solution_idintegerNoThe surrogate identifier of the solution that may be used to remediate the vulnerability on the asset.dim_solution
dim_fingerprint_source

dim_fingerprint_source

Description: Dimension that provides access to the means by which an operating system or software package were detected on an asset.

Type: slowly changing (Type I)

ColumnData TypeNullableDescriptionAssociated Dimension
asset_idbigintNoThe identifier of the asset.dim_asset
sourcetextNoThe description of the source.
dim_mobile_asset_attribute

dim_mobile_asset_attribute

Description: Dimension that provides information about mobile devices.

Type: slowly changing (Type I)

ColumnData TypeNullableDescriptionAssociated Dimension
asset_idbigintNoThe identifier of the asset.dim_asset
attribute_nametextNoThe host name associated to the asset, or 'Unknown' if no host name is associated with the asset. Possible names include:\n\n * Mobile Device ID\n * Mobile Device Useragent\n * Mobile Device Owner\n * Mobile Device Model\n * Mobile Device OS
attribute_valuetextYesThe actual value for each of the attributes listed in the attribute_name column, such as the device model or operating system.
dim_tag

dim_tag

Description: Dimension for all tags that any assets within the scope of the report belong to. Each tag has either a direct association or indirection association to an asset based off site or asset group association or off dynamic membership criteria.

Type: slowly changing (Type I)

ColumnData TypeNullableDescription
tag_idintegerNoThe identifier of the tag.
tag_nametextNoThe name of the tag. Names are unique for tags within a type.
tag_typetextNoThe type of the tag. The supported types are CRITICALITY, LOCATION, OWNER, and CUSTOM.
sourcetextNoThe original application that created the tag.
creation_datetimestampNoThe date and time at which the tag was created.
risk_modifierfloatYesThe risk modifier for a CRITICALITY typed tag.
colortextYesThe risk modifier for a Criticality typed tag.
dim_tag_asset

dim_tag_asset

Description: Dimension for the association between an asset and a tag. For each asset there will be one record with an association to only one tag. This dimension only provides current associations. It does not indicate whether an asset was previously associated with a tag.

Type: slowly changing (Type I)

ColumnData TypeNullableDescriptionAssociated Dimension
tag_idintegerNoThe unique identifier of the tag.dim_tag
asset_idbigintNoThe unique identifier of the asset.dim_asset
associationtextNoThe association that the tag has with the asset. It can be a direct association (tag) or an indirect association through a site (site), a group (group) or the tag dynamic search criteria (criteria).
site_idintegerYesThe site identifier by which an asset indirectly associates with the tag.dim_site
group_idintegerYesThe asset group identifier by which an asset indirectly associates with the tag.dim_asset_group
dim_asset_container

dim_asset_container

Description: Dimension for containers enumerated on an asset if the asset is a container host. Each record represents one container discovered on an asset. If an asset is not a container host or no containers have been created there will be no rows in this dimension.

ColumnData TypeNullableDescription
asset_idbigintNoThe unique identifier of the asset.
container_idtextNoThe identifier of the container.
nametextNoThe name of the container.
statustextNoThe status of the container.
createdtimestamp without time zoneNoThe date at which the container was created. The timestamp is converted into the timezone specified within the report configuration.
startedtimestamp without time zoneYesThe date at which the container was last started. The timestamp is converted into the timezone specified within the report configuration.
finishedtimestamp without time zoneYesThe date at which the container was last stopped/terminated. The timestamp is converted into the timezone specified within the report configuration.
image_idtextNoThe identifier of the image.
repositorytextNoThe name of the repository the image the contain is based on belongs to.
dim_operating_system

dim_operating_system

Description: Dimension provides access to all operating system fingerprints detected on assets in any scan of the assets within the scope of the report.

Type: slowly changing (Type I)

ColumnData TypeNullableDescriptionAssociated Dimension
operating_system_idbigintNoThe identifier of the operating system.
asset_typetextNoThe type of asset the operating system applies to, which categorizes the operating system fingerprint. This type can distinguish the purpose of the asset that the operating system applies to.
descriptiontextNoThe verbose description of the operating system, which combines the family, vendor, name, and version.
vendortextNoThe vendor or publisher of the operating system. If the vendor was not detected, the value will be 'Unknown'.
familytextNoThe family or product line of the operating system. If the family was not detected, the value will be 'Unknown'.
nametextNoThe name of the operating system. If the name was not detected, the value will be 'Unknown'.
versiontextNoThe version of the operating system. If the version was not detected, the value will be 'Unknown'.
architecturetextNoThe architecture the operating system is built for. If the architecture was not detected, the value will be 'Unknown'.
systemtextNoThe terse description of the operating system, which combines the vendor and family.
cpetextYesThe Common Platform Enumeration (CPE) value that corresponds to the operating system.

Policies

dim_policy

dim_policy

Description: This is the dimension for all metadata related to a policy. It contains one record for every policy that currently exists in the application.

Type: slowly changing (Type I)

ColumnData TypeNullableDescriptionAssociated Dimension
policy_idbigintNoThe identifier of the policy.
scopetextNoThe identifier for scope of policy. Policies that are automatically available have "Built-in" scope, whereas policies created by users have scope as "Custom".
titletextNoThe title of the policy as visible to the user.
descriptiontextNoA description of the policy.
total_rulesbigintNoThe sum of all the rules within the policy.
benchmark_nametextNoThe name of the collection of policies sharing the same source data to which the policy belongs. It includes metadata such as title, name, and applicable systems.
benchmark_versiontextNoThe version number of the benchmark that includes the policy.
categorytextNoA grouping of similar benchmarks based on their source, purpose, or other criteria. Examples include FDCC, USGCB, and CIS.
dim_policy_group

dim_policy_group

Description: This is the dimension for all the metadata for each rule within a policy. It contains one record for every rule within each policy.

Type: slowly changing (Type I)

ColumnData TypeNullableDescriptionAssociated Dimension
policy_idbigintNoThe identifier of the policy.
parent_group_idbigintYesThe identifier of the group this group directly belongs to. If this group belongs directly to the policy, this will be null.
scopetextNoThe identifier for scope of policy. Policies that are automatically available have "Built-in" scope, whereas policies created by users have scope as "Custom".
group_idbigintNoThe identifier of the group.
titletextYesThe title of the group that is visible to the user. It describes a logical grouping of the policy rules.
descriptiontextYesA description of the group.
sub_groupsintegerNoThe number of all groups descending from a group.
rulesintegerNoThe number of all rules directly or indirectly belonging to a group.
dim_policy_rule

dim_policy_rule

Description: This is the dimension for all the metadata for each rule within a policy. It contains one record for every rule within each policy.

Type: slowly changing (Type I)

ColumnData TypeNullableDescriptionAssociated Dimension
policy_idbigintNoThe identifier of the policy.
parent_group_idbigintYesThe identifier of the group this group directly belongs to. If this group belongs directly to the policy, this will be null.
scopetextNoThe identifier for scope of policy. Policies that are automatically available have "Built-in" scope, whereas policies created by users have scope as "Custom".
rule_idbigintNoThe identifier of the rule.
titletextNoThe title of the rule, for each policy, that is visible to the user. It describes a state or condition with which a tested asset should comply.
descriptiontextYesA description of the rule.
severitytextYesThe severity of the rule. A textual value that can be one of the following: "low", "medium", "high", or "unknown".
rationaletextYesDescriptive text explaining why compliance is important to the security of the target platform.
remediationtextYesInstructions for remediating the non-compliant rule. Also referred to as "fixtext" in the policy content.
roletextNoThe rule's role in scoring and reporting. A textual value that can be one of the following: "full", "unchecked", "unscored".

Rules with a role of "unscored" are ignored in compliance calculations.
enabledbooleanNoDetermine whether this rule is enabled for compliance evaluation during scans.
dim_policy_rule_cce_platform_nist_control_mapping

dim_policy_rule_cce_platform_nist_control_mapping

Description: This dimension provides all National Institute of Standards and Technology (NIST) Special Publication 800-53 controls mappings for each Common Configuration Enumeration (CCE) within a rule.

Type: slowly changing (Type I)

ColumnData TypeNullableDescriptionAssociated Dimension
rule_idbigintNoThe identifier of the policy rule.dim_policy_rule
rule_scopetextNoThe identifier for scope of policy. Policies that are automatically available have "Built-in" scope, whereas policies created by users have scope as "Custom".dim_policy_rule
cce_item_idtextNoThe identifier of the CCE item.
platformtextNoThe platform of the CCE.
control_nametextNoThe name of the control mapping.
date_publisheddateNoThe published date of the control mapping.
dim_policy_override

dim_policy_override

Description: Dimension that provides access to all policy rule overrides in any state that may apply to any assets within the scope of the report. This includes overrides that have expired or have been superceded by newer overrides.

Type: slowly changing (Type II)

ColumnData TypeNullableDescription
override_idbigintNoThe identifier of the policy rule override.
scope_idcharacter(1)NoThe identifier for scope of the override.
submitted_bytextNoThe login name of the user that submitted the policy override.
submitted_timetimestamp without time zoneNoThe date the override was originally created and submitted.
commentstextNoThe description given at the time the policy override was submitted.
reviewed_bytextYesThe login name of the user that reviewed the policy override. If the override has been submitted and has not been reviewed, the value will be null.
review_commentstextYesThe comment that accompanies the latest review action. If the exception is submitted and has not been reviewed, the value will be null.
review_state_idcharacter(1)NoThe identifier of the review state of the override.
effective_timetimestamp without time zoneYesThe date at which the rule override become effective. If the rule override is under review, the value will be null.
expiration_timetimestamp without time zoneYesThe date at which the rule override will expire. If the exception has no expiration date set, the value is will be null.
new_status_idcharacter(1)NoThe identifier of the new value that this override applies to affected policy rule results.
dim_policy_override_scope

dim_policy_override_scope

Description: Dimension for the possible scope for a Policy override, such as Global, Asset, or Asset Instance.

Type: normal

ColumnData TypeNullableDescription
scope_idcharacter(1)NoThe identifier for scope of the override.
descriptiontextNoThe description of the policy rule override scope.
dim_policy_override_review_state

dim_policy_override_review_state

Description: Dimension for the possible states for a Policy override, such as Submitted, Approved, or Rejected.

Type: normal

ColumnData TypeNullableDescription
state_idcharacter(1)NoThe identifier of the policy rule override state.
descriptiontextNoThe description of the policy rule override state.
dim_policy_result_status

dim_policy_result_status

Description: Dimension for the possible statuses for a Policy Check result, such as Pass, Fail, or Not Applicable.

Type: normal

ColumnData TypeNullableDescription
state_idcharacter(1)NoThe identifier of the policy rule override status.
descriptiontextNoThe description of the policy rule override status.

Scans

dim_scan_engine

dim_scan_engine

Description: Dimension for all scan engines that are defined. A record is present for each scan engine to which the owner of the report has access.

Type: slowly changing (Type I)

ColumnData TypeNullableDescription
scan_engine_idintegerNoThe unique identifier of the scan engine.
nametextnoThe name of the scan engine.
addresstextNoThe address (either IP or )
portintegerNoThe port the scan engine is running on.
dim_scan_template

dim_scan_template

Description: Dimension for all scan templates that are defined. A record is present for each scan template in the system.

Type: slowly changing (Type I)

ColumnData TypeNullableDescriptionAssociated Dimension
scan_template_idtextNoThe identifier of the scan template.
nametextNoThe short, human-readable name of the scan template.
descriptiontextNoThe verbose description of the scan template.
dim_service

dim_service

Description: Dimension that provides access to the name of a service detected on an asset in a scan. This dimension will contain a record for every service that was detected during any scan of any asset within the scope of the report.

Type: slowly changing (Type I)

ColumnData TypeNullableDescriptionAssociated Dimension
service_idintegerNoThe identifier of the service.
nametextNoThe descriptive name of the service.
dim_service_fingerprint

dim_service_fingerprint

Description: Dimension that provides access to the detailed information of a service fingerprint. This dimension will contain a record for every service fingerprinted during any scan of any asset within the scope of the report.

Type: slowly changing (Type I)

ColumnData TypeNullableDescription
service_fingerprint_idbigintNoThe identifier of the service fingerprint.
vendortextNoThe vendor name for the service. If the vendor was not detected, the value will be 'Unknown'.
familytextNoThe family name or product line of the service. If the family was not detected, the value will be 'Unknown'.
nametextNoThe name of the service. If the name was not detected, the value will be 'Unknown'.
versiontextNoThe version name or number of the service. If the version was not detected, the value will be 'Unknown'.
dim_site

dim_site

Description: Dimension that provides access to the textual information of all sites configured to be within the scope of the report. There will be one record in this dimension for every site which any asset in the scope of the report is associated to, including assets specified through configuring scans, sites, or asset groups.

Type: slowly changing (Type I)

ColumnData TypeNullableDescriptionAssociated Dimension
site_idintegerNoThe identifier of the site.
nametextNoThe name of the site.
descriptiontextYesThe optional description of the site. If the site has no description, the value will be null.
risk_factorrealNoA numeric value that can be used to weight risk score computations. The default value is 1, but possible values from .33 to 3.0 to match the importance level.
importancetextNoThe importance of the site. The site importance is one of the following values: ‘Very Low’, ‘Low'’ 'Normal', ‘High’, or ‘Very High.’
dynamic_targetsbooleanNoIndicates whether the list of targets scanned by the site are dynamically configured (dynamic site).
organization_nametextYesThe optional name of the organization the site is associated to.
organization_urltextYesThe optional URL of the organization the site is associated to.
organization_contacttextYesThe optional contact name of the organization the site is associated to.
organization_job_titletextYesThe optional job title of the contact of the organization the site is associated to.
organization_emailtextYesThe optional e-mail of the contact of the organization the site is associated to.
organization_phonetextYesThe optional phone number of the organization the site is associated to.
organization_addresstextYesThe optional postal address of the organization the site is associated to.
organization_citytextYesThe optional city name of the organization the site is associated to.
organization_statetextYesThe optional state name of the organization the site is associated to.
organization_countrytextYesThe optional country name of the organization the site is associated to.
organization_ziptextYesThe optional zip code of the organization the site is associated to.
last_scan_idbigintNoThe identifier of the latest scan of the site that was run.dim_scan
dim_site_asset

dim_site_asset

Description: Dimension that provides access to the relationship between a site and its associated assets. For each asset within the scope of the report, a record will be present in this table that links to its associated site. The values in this dimension will change whenever a scan of a site is completed.

Type: slowly changing (Type II)

ColumnData TypeNullableDescriptionAssociated Dimension
site_idintegerNoThe identifier of the site.dim_site
asset_idbigintNoThe identifier of the asset.dim_asset
dim_scan

dim_scan

Description: Dimension that provides access to the scans for any assets within the scope of the report.

Type: slowly changing (Type II)

ColumnData TypeNullableDescriptionAssociated Dimension
scan_idbigintNoThe identifier of the scan.
startedtimestamp without time zoneNoThe date and time at which the scan started.
finishedtimestamp without time zoneYesThe date and time at which the scan finished. If the scan did not complete normally, or is still in progress, this value will be null.
status_idcharacter(1)NoThe current status of the scan.dim_scan_status
type_idcharacter(1)NoThe type of scan, which indicates whether the scan was started manually by a user or on a schedule.dim_scan_type
scan_nametextYesThe name of the scan.
dim_site_scan

dim_site_scan

Description: Dimension that provides access to the relationship between a site and its associated scans. For each scan of a site within the scope of the report, a record will be present in this table.

Type: slowly changing (Type II)

ColumnData TypeNullableDescriptionAssociated Dimension
site_idintegerNoThe identifier of the site.dim_site
scan_idbigintNoThe identifier of the scan.dim_scan
dim_site_scan_config

dim_site_scan_config

Description: Dimension for the current scan configuration for a site.

Type: slowly changing (Type I)

ColumnData TypeNullableDescriptionAssociated Dimension
site_idintegerNoThe identifier of the site.dim_site
scan_template_idtextNoThe identifier of the currently configured scan template.dim_scan_template
scan_engine_idintegerNoThe identifier of the currently configured scan engine.dim_scan_engine
dim_site_target

dim_site_target

Description: Dimension for all the included and excluded targets of a site. For all sites in the scope of the report, a record will be present for each unique IP range and/or host name defined as an included or excluded address in the site configuration. If any global exclusions are applied, these will also be provided at the site level.

Type: slowly changing (Type I)

ColumnData TypeNullableDescriptionAssociated Dimension
site_idintegerNoThe identifier of the site.dim_site
typetextNoEither host or IP to indicate the type of address.
includedbooleanNoTrue if the target is included in the configuration, or false if it is excluded.
targettextNoThe address of the target. If host, this is the host name. If ip type, this is the IP address in text form (result of running the HOST function).
scopetextYesThe scope of an exclusion: global if the exclusion is a global exclusion, site if the exclusion is defined on the site, or NULL if included (see above) is true.

Software and Solutions

dim_software

dim_software

Description: Dimension that provides access to all the software packages that have been enumerated across all assets within the scope of the report. Each record has detailed information for the fingerprint of the software package.

Type: slowly changing (Type I)

ColumnData TypeNullableDescriptionAssociated Dimension
software_idbigintNoThe identifier of the software package.
vendortextNoThe vendor that produced or published the software package.
familytextNoThe family name or product line of the software package.
nametextNoThe name of the software.
versiontextNoThe version name or number of the software.
software_classintegerNoThe description of the software class, which may be 'Unknown'.
cpetextYesThe Common Platform Enumeration (CPE) value that corresponds to the software.
dim_solution

dim_solution

Description: Dimension that provides access to all solutions defined.

Type: slowly changing (Type I)

ColumnData TypeNullableDescription
solution_idintegerNoThe identifier of the solution.
nexpose_idtextNoThe identifier of the solution within the application.
estimateintervalNoThe amount of required time estimated to implement this solution on a single asset. The minimum value is 0 minutes, and the precision is measured in seconds.
urltextyesAn optional URL link defined for getting more information about the solution. When defined, this may be a web page defined by the vendor that provides more details on the solution, or it may be a download link to a patch.
solution_typetextNoType of the solution, can be PATCH, ROLLUP or WORKAROUND. A patch type indicates that the solution involves applying a patch to a product or operating system. A rollup patch type indicates that the solution supercedes other vulnerabilities and rolls up many workaround or patch type solutions into one step.
fixtextYesThe steps that are a part of the fix this solution prescribes. The fix will usually contain a list of procedures that must be followed to remediate the vulnerability. The fix will be provided in an HTML format.
summarytextNoA short summary of solution which describes the purpose of the solution at a high level and is suitable for use as a summarization of the solution.
additional_datatextYesAdditional information about the solution, in HTML format.
applies_totextYesTextual representation of the types of system, software, and/or services that the solution can be applied to. If the solution is not restricted to a certain type of system, software or service, this field will be null.
dim_solution_supercedence

dim_solution_supercedence

Description: Dimension that provides all superceding associations between solutions. Unlike dim_solution_highest_supercedence, this dimension provides access to the entire graph of superceding relationships. If a solution does not supercede any other solution, it will not have any records in this dimension.

Type: slowly changing (Type I)

ColumnData TypeNullableDescriptionAssociated Dimension
solution_idintegerNoThe identifier of the solution.dim_solution
superceding_solution_idintegerNoThe identifier of the superceding solution.dim_solution
dim_solution_highest_supercedence

dim_solution_highest_supercedence

Description: Dimension that provides access to the highest level superceding solution for every solution. If a solution has multiple superceding solutions that themselves are not superceded, all will be returned. Therefore a single solution may have multiple records returned. If a solution is not superceded by any other solution, it will be marked as being superceded by itself (to allow natural joining behavior).

Type: slowly changing (Type I)

ColumnData TypeNullableDescriptionAssociated Dimension
solution_idintegerNoThe identifier of the solution.dim_solution
superceding_solution_idintegerNoThe surrogate identifier of a solution that is known to supercede the solution, and which itself is not superceded (the highest level of supercedence). If the solution is not superceded, this is the same identifier as solution_id.dim_solution
dim_solution_prerequisite

dim_solution_prerequisite

Description: Dimension that provides an association between a solution and all the prerequisite solutions that must be applied before it. If a solution has no prerequisites, it will have no records in this dimension.

Type: slowly changing (Type I)

ColumnData TypeNullableDescriptionAssociated Dimension
solution_idintegerNoThe identifier of the solution.dim_solution
required_solution_idintegerNoThe identifier of the solution that is required to be applied before the solution can be applied.dim_solution

Vulnerabilities

dim_vulnerability_solution

dim_vulnerability_solution

Description: Dimension that provides access to the relationship between a vulnerability and its (direct) solutions. These solutions are only those which are directly known to remediate the vulnerability, and does not include rollups or superceding solutions. If a vulnerability has more than one solution, multiple associated records will be present. If a vulnerability has no solutions, it will have no records in this dimension.

Type: slowly changing (Type I)

ColumnData TypeNullableDescriptionAssociated Dimension
vulnerability_idintegerNoThe identifier of the vulnerability.dim_vulnerability
solution_idintegerNoThe identifier of the solution that vulnerability may be remediated with.dim_solution
dim_vulnerability

dim_vulnerability

Description: Dimension for all the metadata related to a vulnerability. This dimension will contain one record for every vulnerability included within the scope of the report. Excluding nexpose_id, the values in this dimension will change whenever the risk model of the Security Console is modified.

Type: slowly changing (Type I)

ColumnData TypeNullableDescriptionAssociated Dimension
vulnerability_idintegerNoThe identifier of the vulnerability.
descriptiontextNoLong description for the vulnerability.
nexpose_idtextNoA textual identifier of a vulnerability unique to the application.
titletextNoThe short, succinct title of the vulnerability.
date_publisheddateNoThe date that the vulnerability was published by the source of the vulnerability (third-party, software vendor, or another authoring source).
date_addeddateNoThe date that the vulnerability was first checked by the application.
severity_scoresmallintNoThe numerical severity of the vulnerability, measured on a scale of 0 to 10 using whole numbers. A value of zero indicates low severity, and a value of 10 indicates high severity.
severitytextNoA human-readable description of the severity_score value. Possible values are 'Critical' , 'Severe' , and 'Moderate'.
pci_severity_scoresmallintNoThe numerical PCI severity score of the vulnerability, measured on a scale of 1 to 5 using whole numbers.
pci_statustextNoA human-readable description as to whether if the vulnerability was detected on an asset in a scan it would cause a PCI failure. Possible values are ' Pass ' or ' Fail '.
riskscoredouble precisionNoThe risk score of the vulnerability as computed by the risk model currently configured on the Security Console.
cvss_vectortextNoA full CVSS vector in the CVSSv2 notation.
cvss_access_vector_idcharacter(1)NoThe access vector (AV) code that represents the CVSS access vector value of the vulnerability.dim_cvss_access_vector_type
cvss_access_complexity_idcharacter(1)NoThe access complexity (AC) code that represents the CVSS access complexity value of the vulnerability.dim_cvss_access_complexity
cvss_authentication_idcharacter(1)NoThe authentication (Au) code that represents the CVSS authentication value of the vulnerability.dim_cvss_access_authentication_type
cvss_confidentiality_impact_idcharacter(1)NoThe confidentiality impact (C) code that represents the CVSS confidentiality impact value of the vulnerability.dim_cvss_confidentiality_impact
cvss_integrity_impact_idcharacter(1)NoThe integrity impact (I) code that represents the CVSS integrity impact value of the vulnerability.dim_cvss_integrity_impact_type
cvss_availability_impact_idcharacter(1)NoThe availability impact (A) code that represents the CVSS availability impact value of the vulnerability.dim_cvss_availability_impact
cvss_scorerealNoThe CVSS score of the vulnerability, on a scale of 0 to 10.
pci_adjusted_cvss_scorerealNoValue between 0 and 10 representing the CVSS score of the vulnerability, adjusted if necessary according to PCI rules.
cvss_exploit_scorerealNoThe base exploit score contribution to the CVSS score.
cvss_impact_scorerealNoThe base impact score contribution to the CVSS score.
cvss_v2_scorerealNoValue between 0 and 10 representing the CVSS Version 2.0 score of the vulnerability.
cvss_v2_exploit_scorerealNoBase score for the exploitability of a vulnerability that is used to compute the overall CVSS Version 2.0 score.
cvss_v2_impact_scorerealNoBase score for the impact of a vulnerability that is used to compute the overall CVSS Version 2.0 score.
cvss_v3_vectortextYesThe full CVSS vector in CVSS Version 3.0 notation.
cvss_v3_attack_vectorcharacter(1)YesAttack Vector (AV) code that represents the CVSS attack vector value of the vulnerability.dim_cvssv3_attack_vector
cvss_v3_attack_complexitycharacter(1)YesAttack Complexity (AC) code that represents the CVSS attack complexity value of the vulnerability.dim_cvssv3_attack_complexity
cvss_v3_privileges_requiredcharacter(1)YesPrivileges Required (PR) code that represents the CVSS privilege required value of the vulnerability.dim_cvssv3_privileges_required
cvss_v3_user_interactioncharacter(1)YesUser Interaction (UI) code that represents the CVSS user interaction value of the vulnerability.dim_cvssv3_user_interaction
cvss_v3_scopecharacter(1)YesScope (S) code that represents the CVSS scope value of the vulnerability.dim_cvssv3_scope
cvss_v3_confidentiality_impactcharacter(1)YesConfidentiality Impact (C) code that represents the CVSS confidentiality impact value of the vulnerability.dim_cvssv3_confidentiality_impact
cvss_v3_integrity_impactcharacter(1)YesIntegrity Impact (I) code that represents the CVSS integrity impact value of the vulnerability.dim_cvssv3_integrity_impact
cvss_v3_availability_impactcharacter(1)YesAvailability Impact (A) code that represents the CVSS availability impact value of the vulnerability.dim_cvssv3_availability_impact
cvss_v3_scorerealYesValue between 0 and 10 representing the CVSS Version 3.0 score of the Vulnerability.
cvss_v3_impact_scorerealYesBase score for the impact of a vulnerability that is used to compute the overall CVSS Version 3.0 score.
cvss_v3_exploit_scorerealYesBase score for the exploitability of a vulnerability that is used to compute the overall CVSS Version 3.0 score.
pci_special_notestextYesNotes attached to the vulnerability according to PCI rules.
denial_of_servicebooleanNoIndicates whether the vulnerability is classified as a denial-of-service vulnerability.
exploitsbigintNoThe number of distinct exploits that are associated with the vulnerability. If no exploits are associated to this vulnerability, the value will be zero.
malware_kitsbigintNoThe number of malware kits that are associated with the vulnerability. If no malware kits are associated to this vulnerability, the value will be zero.
date_modifieddateNoThe date the vulnerability was last modified in a content release. The granularity of the date is a day.
dim_vulnerability_category

dim_vulnerability_category

Description: Dimension that provides the relationship between a vulnerability and a vulnerability category.

Type: normal

ColumnData TypeNullableDescriptionAssociated Dimension
category_idintegerNoThe identifier of the vulnerability category.
vulnerability_idintegerNoThe identifier of the vulnerability the category applies to.dim_vulnerability
category_nametextNoThe descriptive name of the category.
dim_vulnerability_exception

dim_vulnerability_exception

Description: Dimension that provides access to all vulnerability exceptions in any state (including deleted) that may apply to any assets within the scope of the report. The exceptions available in this dimension will change as the their state changes, or any new exceptions are created over time.

Type: slowly changing (Type II)

ColumnData TypeNullableDescriptionAssociated Dimension
vulnerability_exception_idintegerNoThe identifier of the vulnerability exception.
vulnerability_idintegerNoThe identifier of the vulnerability.dim_vulnerability
scope_idcharacter(1)NoThe scope of the vulnerability exception, which dictates what assets the exception applies to.dim_exception_scope
reason_idcharacter(1)NoThe reason that the vulnerability exception was submitted.dim_exception_reason
additional_commentstextYesOptional comments associated with the last state change of the vulnerability exception.
submitted_datetimestamp without time zoneNoThe date the vulnerability was originally created and submitted, in the time zone specified by the report configuration.
submitted_bytextNoThe login name of the user that submitted the vulnerability exception.
review_datetimestamp without time zoneYesThe date the vulnerability exception was reviewed, in the time zone specified by the report configuration. If the exception was rejected, approved, or recalled, this is the date of the last state transition made on the exception. If an exception is submitted and has not been reviewed, the value will be null.
reviewed_bytextYesThe login name of the user that reviewed the vulnerability exception. If the exception is submitted and has not been reviewed, the value will be null.
review_commenttextYesThe comment that accompanies the latest review action. If the exception is submitted and has not been reviewed, the value will be null.
expiration_datedateYesThe date at which the vulnerability exception will expire. If the exception has no expiration date set, the value is will be null.
status_idcharacter(1)NoThe status (state) of the vulnerability exception.dim_exception_status
site_idintegerYesThe identifier of the site that the exception applies to. If this is not a site-level exception, the value will be null.dim_site
asset_idbigintYesThe identifier of the asset that the exception applies to. If this is not an asset-level or instance-level exception, the value will be null.dim_asset
portintegerYesThe port that the exception applies to. If this is not an instance-level exception, the value will be null.
keytextYesThe secondary identifier of the vulnerability the exception applies to. If this is not an instance-level exception, the value will be null.
group_idintegerYesThe identifier of the asset group that the exception applies to. If this is not a group-level exception, the value will be null.
dim_vulnerability_exploit

dim_vulnerability_exploit

Description: Dimension that provides the relationship between a vulnerability and an exploit.

Type: normal

ColumnData TypeNullableDescriptionAssociated Dimension
exploit_idintegerNoThe identifier of the exploit.
vulnerability_idintegerNoThe identifier of the vulnerability.dim_vulnerability
titletextNoThe short, succinct title of the exploit.
descriptiontextYesThe optional verbose description of the exploit. If there is no description, the value is null.
skill_leveltextNoThe skill level required to perform the exploit. Possible values include 'Expert', 'Novice', and 'Intermediate'.
source_idtextNoThe source which defined and published the exploit. Possible values include 'Exploit DB' and 'Metasploit Module'.
source_keytextNoThe identifier of the exploit in the source system, used as a key to index into the publisher's repository of metadata for the exploit.
dim_vulnerability_malware_kit

dim_vulnerability_malware_kit

Description: Dimension that provides the relationship between a vulnerability and a malware kit.

Type: normal

ColumnData TypeNullableDescriptionAssociated Dimension
vulnerability_idintegerNoThe identifier of the vulnerability the malware kit is associated to.dim_vulnerability
nametextNoThe name of the malware kit.
popularitytextNo
The popularity of the malware kit, which signifies how common or accessible it is. Possible values include Rare, Uncommon, Occasional, Common, Popular, Favored, and Unknown.
dim_vulnerability_reference

dim_vulnerability_reference

Description: Dimension that provides the references associated to a vulnerability, which provide links to external sources of data and information related to a vulnerability.

Type: normal

ColumnData TypeNullableDescriptionAssociated Dimension
vulnerability_idintegerNoThe identifier of the vulnerability.dim_vulnerability
sourcetextNoThe name of the source of the vulnerability information. The value is guaranteed to be provided in all upper-case characters.
referencetextNoThe reference that keys or links into the source of the vulnerability information. If the source is 'URL', the reference is 'URL'. Otherwise, the value is typically a key or identifier that indexes into the source repository.

Enumerated and Constant Dimensions

The following dimensions are static in nature and all represent mappings of codes, identifiers, and other constant values to human readable descriptions.

dim_cvss_access_vector

dim_cvss_access_vector

Description: Dimension for the possible CVSS access vector values.

Type: normal

Columns

ColumnData TypeNullableDescription
type_idcharacter(1)NoThe identifier of the access vector type.
descriptiontextNoThe description of the access vector type.

Values

Notes & Detailed Descriptiontype_idDescription
LLocalA vulnerability exploitable with only local access requires the attacker to have either physical access to the vulnerable system or a local (shell) account.
AAdjacent NetworkA vulnerability exploitable with adjacent network access requires the attacker to have access to either the broadcast or collision domain of the vulnerable software.
NNetworkA vulnerability exploitable with network access means the vulnerable software is bound to the network stack and the attacker does not require local network access or local access.
dim_aggregated_credential_status

dim_aggregated_credential_status

Description: Dimension the containing the status aggregated across all available services for the given asset in the given scan.

Type: normal

Columns

ColumnData TypeNullableDescription
aggregated_credential_status_idsmallintNoThe credential status ID associated with the fact_asset_scan_service.
aggregated_credential_status_descriptiontextNoThe human-readable description of the credential status.

Values

Notes & Detailed Descriptionaggregated_credential_status_idDescription
'No credentials supplied'1One or more services for which credential status is reported were detected in the scan, but there were no credentials supplied for any of them.
'All credentials failed'2One or more services for which credential status is reported were detected in the scan, and all credentials supplied for these services failed to authenticate.
'Credentials partially successful'3At least two of the four services for which credential status is reported were detected in the scan, and for some services the provided credentials failed to authenticate, but for at least one there was a successful authentication.
'All credentials successful'4One or more services for which credential status is reported were detected in the scan, and for all of these services for which credentials were supplied authentication with provided credentials was successful.
N/A-1None of the four applicable services (SNMP, SSH, Telnet, CIFS) was discovered in the scan.
dim_credential_status

dim_credential_status

Description: Dimension for the scan service credential status in human-readable form.

Type: normal

Columns

ColumnData TypeNullableDescription
credential_status_idsmallintNoThe credential status ID associated with the fact_asset_scan_service.
credential_status_descriptiontextNoThe human-readable description of the credential status.

Values

Notes & Detailed Descriptioncredential_status_idDescription
'No credentials supplied'1No credentials were supplied. Applicable to all four services (SNMP, SSH, Telnet, or CIFS).
Login Failed2The login failed. Applicable to all four services (SNMP, SSH, Telnet, or CIFS).
Login Successful3The login succeeded. The login failed. Applicable to all four services (SNMP, SSH, Telnet, or CIFS).
Allowed elevation of privileges4Elevation of privileges was allowed. Applicable to SSH only.
Root5The credentials allowed login as root. Applicable to SSH and Telnet only.
Login as local admin6The credentials allowed login as local admin. Applicable to CIFS only.
N/A-1This status is listed for all the services that are not SNMP, SSH, Telnet, or CIFS.
dim_cvss_access_complexity

dim_cvss_access_complexity

Description: Dimension for the possible CVSS access complexity values.

Type: normal

Columns

ColumnData TypeNullableDescription
type_idcharacter(1)NoThe identifier of the complexity type.
descriptiontextNoThe description of the access complexity type.

Values

Notes & Detailed Descriptiontype_idDescription
HHighSpecialized access conditions exist.
MMediumThe access conditions are somewhat specialized.
LLowSpecialized access conditions or extenuating circumstances do not exist.
dim_cvss_authentication

dim_cvss_authentication

Description: Dimension for the possible CVSS authentication values.

Type: normal

Columns

ColumnData TypeNullableDescription
type_idcharacter(1)NoThe identifier of the authentication type.
descriptiontextNoThe description of the authentication type.

Values

Notes & Detailed Descriptiontype_idDescription
MMultipleExploiting the vulnerability requires that the attacker authenticate two or more times, even if the same credentials are used each time.
SSingleThe vulnerability requires an attacker to be logged into the system (such as at a command line or via a desktop session or web interface).
NNoneAuthentication is not required to exploit the vulnerability.
dim_cvss_confidentiality_impact

dim_cvss_confidentiality_impact

Description: Dimension for the possible CVSS confidentiality impact values.

Type: normal

Columns

ColumnData TypeNullableDescription
type_idcharacter(1)NoThe identifier of the confidentiality impact type.
descriptiontextNoThe description of the confidentiality impact type.

Values

Notes & Detailed Descriptiontype_idDescription
PPartialThere is considerable informational disclosure. Access to some system files is possible, but the attacker does not have control over what is obtained, or the scope of the loss is constrained.
CCompleteThere is total information disclosure, resulting in all system files being revealed. The attacker is able to read all of the system's data (memory, files, etc.).
NNoneThere is no impact to the confidentiality of the system.
dim_cvss_integrity_impact

dim_cvss_integrity_impact

Description: Dimension for the possible CVSS integrity impact values.

Type: normal

Columns

ColumnData TypeNullableDescription
type_idcharacter(1)NoThe identifier of the integrity impact type.
descriptiontextNoThe description of the integrity impact type.

Values

Notes & Detailed Descriptiontype_idDescription
PPartialModification of some system files or information is possible, but the attacker does not have control over what can be modified, or the scope of what the attacker can affect is limited.
CCompleteThere is a total compromise of system integrity. There is a complete loss of system protection, resulting in the entire system being compromised. The attacker is able to modify any files on the target system.
NNoneThere is no impact to the integrity of the system.
dim_cvss_availability_impact

dim_cvss_availability_impact

Description: Dimension for the possible CVSS availability impact values.

Type: normal

Columns

ColumnData TypeNullableDescription
type_idcharacter(1)NoThe identifier of the availability impact type.
descriptiontextNoThe description of the availability impact type.

Values

Notes & Detailed Descriptiontype_idDescription
PPartialThere is reduced performance or interruptions in resource availability.
CCompleteThere is a total shutdown of the affected resource. The attacker can render the resource completely unavailable.
NNoneThere is no impact to the availability of the system.
dim_exception_scope

dim_exception_scope

Description: Dimension that provides all scopes a vulnerability exception can be defined on.

Type: normal

Columns

ColumnData TypeNullableDescription
scope_idcharacter(1)NoThe identifier of the scope of a vulnerability exception.
short_descriptiontextNoA succinct, one-word description of the scope.
descriptiontextNoA verbose description of the scope.

Values

Notes & Detailed Descriptionscope_idshort_descriptionDescription
GGlobalAll instances (all assets)The vulnerability exception is applied to all assets in every site.
SSiteAll instances in this siteThe vulnerability exception is applied to only assets within a specific site.
DAssetAll instances on this assetThe vulnerability exception is applied to all instances of the vulnerability on an asset.
IInstanceSpecific instance on this assetThe vulnerability exception is applied to a specific instances of the vulnerability on an asset (either all instances without a port, or instances sharing the same port and key).
dim_exception_reason

dim_exception_reason

Description: Dimension for all possible reasons that can be used within a vulnerability exception.

Type: normal

Columns

ColumnData TypeNullableDescription
reason_idcharacter(1)NoThe identifier for the reason of the vulnerability exception.
descriptiontextNoThe description for the reason of the vulnerability exception.

Values

Notes & Detailed Descriptionreason_idDescription
FFalse positiveThe vulnerability is a false-positive and was confirmed to be an inaccurate result.
CCompensating ControlThere is a compensating control in place unique to the site or environment that mitigates the vulnerability.
RAcceptable RiskThe vulnerability is deemed an acceptable risk to the organization.
UAcceptable useThe vulnerability is deemed to be acceptable with normal use (not a vulnerability to the organization).
OOtherAny other reason not covered in a build-in reason.
dim_exception_status

dim_exception_status

Description: Dimension for the possible statuses (states) of a vulnerability exception.

Type: normal

Columns

ColumnData TypeNullableDescription
status_idcharacter(1)NoThe identifier of the exception status.
descriptiontextNoThe description or name of the exception status.

Values

Notes & Detailed Descriptionstatus_idDescription
UUnder ReviewThe exception was submitted and is waiting for review from an approver.
AApprovedThe exception was approved by a reviewer and is actively applied.
RRejectedThe exception was rejected by the reviewer and requires further action by the submitter.
DRecalledThe exception was deleted by the reviewer or recalled by the submitted.
EExpiredThe exception has expired due to an expiration date.
dim_host_name_source_type

dim_host_name_source_type

Description: Dimension for the types of sources used to detect a host name on an asset.

Type: normal

Columns

ColumnData TypeNullableDescription
type_idcharacter(1)NoThe identifier of the source type.
descriptiontextNoThe description or name of the source type.

Values

Notes & Detailed Descriptiontype_idDescription
TUser DefinedThe host name of the asset was acquired as a result of being specified as a target within the scan (in the site configuration).
DDNSThe host name discovered during a scan using the domain name system (DNS).
NNetBIOSThe host name was discovered during a scan using the NetBios protocol.
LLDAPThe host name was discovered using LDAP.
EEPSECThe host name was discovered using VMWare EPSEC.
CDCEThe host name was discovered using DCE.
-N/AThe source of the host name could not be determined or is unknown.
dim_host_type

dim_host_type

Description: Dimension for the types of hosts that an asset can be classified as.

Type: normal

Columns

ColumnData TypeNullableDescription
host_type_idintegerNoThe identifier of the host type.
descriptiontextNoThe description of the host type.

Values

Notes & Detailed Descriptionhost_type_idDescription
1Virtual MachineThe asset is a generic virtualized asset resident within a virtual machine.
2HypervisorThe asset is a virtualized asset within Hypervisor.
3Bare MetalThe asset is a physical machine.
4MobileThe asset type is a mobile device (added in version 2.0.1)
-1UnknownThe asset type is unknown or could not be determined.
dim_scan_status

dim_scan_status

Description: Dimension for all possible statuses of a scan.

Type: normal

Columns

ColumnData TypeNullableDescription
status_idcharacter(1)NoThe identifier of the status a scan can have.
descriptiontextNoThe description of the status code.

Values

Notes & Detailed Descriptionstatus_idDescription
AAbortedThe scan was either manually or automatically aborted by the system. If a scan is marked as aborted, it usually terminated abnormally. Aborted scans can occur when an engine is interrupted (terminated) while a scan is actively running.
CSuccessfulThe scan was successfully completed and no errors were encountered (this includes scans that were manually or automatically resumed).
URunningThe scan is actively running and is in a non-paused state.
SStoppedThe scan was manually stopped by the user.
EFailedThe scan failed to launch or run successfully.
PPausedThe scan is halted because a user manually paused the scan or the scan has met its maximum scan duration.
-UnknownThe status of the scan cannot be determined.
dim_scan_type

dim_scan_type

Description: Dimension for all possible types of scans.

Type: normal

Columns

ColumnData TypeNullableDescription
type_idcharacter(1)NoThe identifier of the type a scan can be.
descriptiontextNoThe description of the type code.

Values

Notes & Detailed Descriptiontype_idDescription
AManualThe scan was manually launched by a user.
SScheduledThe scan was launched automatically by the Security Console on a schedule.
IImport
EAdapative
GAgent
-UnknownThe scan type could not be determined or is unknown.
dim_vulnerability_status

dim_vulnerability_status

Description: Dimension for the statuses a vulnerability finding result can be classified as.

Type: normal

Columns

ColumnData TypeNullableDescription
status_idcharacter(1)NoThe identifier of the vulnerability status.
descriptiontextNoThe description of the vulnerability status.

Values

Notes & Detailed Descriptionstatus_idDescription
2Confirmed vulnerabilityThe vulnerability was discovered and either exploited or confirmed.
3Vulnerable versionThe vulnerability was discovered within a version of the installed software or operating system.
9Potential vulnerabilityThe vulnerability was discovered, but not exploited or confirmed.
dim_protocol

dim_protocol

Description: Dimension that provides all possible protocols that a service can be utilizing on an asset.

Type: normal

Columns

ColumnData TypeNullableDescription
protocol_idintegerNoThe identifier of the protocol
nametextNoThe name of the protocol.
descriptiontextNoThe non-abbreviated description of the protocol.

Values

Notes & Detailed Descriptionprotocol_idDescription
0IPInternet Protocol
1ICMPInternet Control Message Protocol
2IGMPInternet Group Management Protocol
3GGPGateway-to-Gateway Protocol
6TCPTransmission Control Protocol
12PUPPARC Universal Protocol
17UDPUser Datagram Protocol
22IDPInternet Datagram Protocol
50ESPEncapsulating Security Payload
77NDNetwork Disk Protocol
255RAWRaw Packet
-1N/A