Jupiter One
About
A cyber asset analysis platform that empowers security teams with total visibility into the assets, context, and risks that make up their attack surface.
Product Details
Vendor URL: Jupiter One
Product Type: Discovery and Asset Management
Product Tier: Tier III
Integration Method: JSON
Integration URL: N/A
Log Guide: Jupiter One Data Model
Parser Details
Log Format: JSON
Expected Normalization Rate: 98%
Data Label: JUPITER_ONE
UDM Fields (list of all UDM fields leveraged in the Parser):
Log File Field | UDM Field |
---|---|
dataItem.properties.availabilityZone | principal.cloud.availability_zone |
dataItem.properties.arn | principal.resource.name |
dataItem.properties.assetIpv4 | principal.ip |
dataItem.properties.assetHostname | principal.hostname |
dataItem.properties.assetMacAddress | principal.mac |
dataItem.properties.cve | security_result.vuln.vulnerabilities.cve |
dataItem.properties.description | security_result.vuln.vulnerabilities.description |
dataItem.id | metadata.product_log_id |
dataItem.properties.fqdn | principal.hostname |
dataItem.properties.name | principal.hostname |
dataItem.properties.publicIpAddress | principal.ip |
dataItem.properties.privateIpAddress | principal.ip |
dataItem.properties.privateIpAddresses | principal.ip |
dataItem.properties.macAddress | principal.mac |
dataItem.properties.region | principal.location.name |
dataItem.properties.rootDeviceName | principal.process.file.full_path |
Product Event Types
type | UDM Event Classification |
---|---|
Default | STATUS_UNCATEGORIZED |
Log Sample
{"j1_results_data_list":[{"entity":{"_accountId":"abc12345-6789-0abc-def3-0d4582916777","_beginOn":"2024-01-18T04:24:21.073Z","_class":["NetworkInterface"],"_createdOn":"2024-01-18T04:24:21.073Z","_deleted":false,"_diffOn":"2024-01-18T04:24:21.073Z","_id":"abcdef01-2345-6789-0abc-3f1cc316890b","_integrationClass":["CSP","Infrastructure"],"_integrationDefinitionId":"abcd1234-0abc-0abc-0abc-aa27613118e9","_integrationInstanceId":"abcd1234-abcd-abcd-abcd-c98f11d4a4cf","_integrationName":"produser01","_integrationType":"aws","_key":"arn:aws:ec2:us-east-1:112345678901:network-interface/eni-abcd123456727f958","_source":"integration-managed","_type":["aws_eni"],"_version":1,"displayName":"eni-abcd123456727f958"},"id":"abcdef01-2345-6789-0abc-3f1cc316890b","properties":{"accountId":"112345678901","active":true,"arn":"arn:aws:ec2:us-east-1:112345678901:network-interface/eni-abcd123456727f958","attachTime":"2024-01-18T03:01:24.000Z","attachmentId":"eni-attach-054eeabcd12345678","attachmentStatus":"attached","availabilityZone":"us-east-1b","deleteOnTermination":true,"description":"","deviceIndex":0,"id":"eni-abcd123456727f958","instanceId":"i-123456789081dc51d","instanceOwnerId":"112345678901","interfaceType":"interface","macAddress":"0A:1B:2C:3D:4E:5F","managementAccountId":"172812345678","networkInterfaceId":"eni-abcd123456727f958","ownerId":"112345678901","privateDnsName":"workstation.01.ec2.internal","privateIp":"172.16.0.23","privateIpAddress":"172.16.0.23","raw_macAddress":"0a:1b:2c:3d:4e:5f","region":"us-east-1","requesterManaged":false,"securityGroupIds":"sg-1234567890cbc6cc1","securityGroupNames":"secure_group01","sourceDestCheck":true,"status":"in-use","subnetId":"subnet-0a7b12345678905c6","tag.AccountName":"produser01","tag.accttype":"Production","vpcId":"vpc-015740c1d8a0a1dd6","webLink":"https://console.aws.amazon.com/ec2/v2/home?region=us-east-1#NIC:search=eni-abcd123456727f958"}}]}
Sample Parsing
metadata.product_log_id: "abcdef01-2345-6789-0abc-3f1cc316890b"
metadata.event_type: STATUS_UNCATEGORIZED
principal.hostname: "eni-abcd123456727f958"
principal.ip: "172.16.0.23"
principal.mac: "0A:1B:2C:3D:4E:5F"
principal.cloud.availability_zone: "us-east-1b"
principal.location.name: "us-east-1"
principal.resource.name: "arn:aws:ec2:us-east-1:112345678901:network-interface/eni-abcd123456727f958"
principal.labels["tag.AccountName"]: "produser01"
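An added example (not the vendor's or the parser's own code) that applies a subset of the UDM Fields table to a JUPITER_ONE record, as a way to check parser output against the documented mapping. It assumes `dataItem` is each entry of `j1_results_data_list`; the names `normalize`, `PROPERTY_MAP` and `REPEATED`, and the `privateIpAddresses` value in the input, are constructed for illustration.

```python
import json

# Subset of the UDM Fields table rows: dataItem.properties key -> UDM field.
PROPERTY_MAP = {
    "availabilityZone": "principal.cloud.availability_zone",
    "arn": "principal.resource.name",
    "description": "security_result.vuln.vulnerabilities.description",
    "privateIpAddress": "principal.ip",
    "privateIpAddresses": "principal.ip",
    "macAddress": "principal.mac",
    "region": "principal.location.name",
}
REPEATED = {"principal.ip", "principal.mac"}  # list-valued UDM fields

# Constructed input: trimmed from the log sample; privateIpAddresses is added.
SAMPLE = json.dumps({"j1_results_data_list": [{
    "id": "abcdef01-2345-6789-0abc-3f1cc316890b",
    "properties": {
        "arn": "arn:aws:ec2:us-east-1:112345678901:network-interface/eni-abcd123456727f958",
        "availabilityZone": "us-east-1b",
        "description": "",
        "macAddress": "0A:1B:2C:3D:4E:5F",
        "privateIpAddress": "172.16.0.23",
        "privateIpAddresses": ["172.16.0.23", "172.16.0.24"],
        "region": "us-east-1",
    },
}]})

def normalize(raw_log):
    """Return one flat {udm_field: value} dict per j1_results_data_list entry."""
    events = []
    for item in json.loads(raw_log).get("j1_results_data_list", []):
        # Assumption: each list entry is the table's "dataItem".
        udm = {"metadata.event_type": "STATUS_UNCATEGORIZED"}
        if item.get("id"):
            udm["metadata.product_log_id"] = item["id"]
        props = item.get("properties") or {}
        for key, field in PROPERTY_MAP.items():
            value = props.get(key)
            for v in value if isinstance(value, list) else [value]:
                if v in (None, ""):
                    continue  # absent or empty source value: emit nothing
                if field in REPEATED:
                    if v not in udm.setdefault(field, []):
                        udm[field].append(v)  # de-duplicate repeated values
                else:
                    udm.setdefault(field, v)
        events.append(udm)
    return events
```

Fields shown under Sample Parsing that have no row in the table (`principal.hostname` from the interface ID, `principal.labels`) are not reproduced by this sketch.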
Rules
N/A