Data security

Below is a brief collection of example J1QL queries relating to surfacing data security findings.

Show all resources without a data classification tag {}?

Find (Host|DataStore) with classification = undefined

Return a count instead:

Find (Host|DataStore) with classification = undefined as e return count(e)

Show all resources without a data classification tag in VPC with tag {}?

Filter by a tag on the VPC:

Find (Host|DataStore|Workload) with classification = undefined
  that relates to aws_vpc with tag.{tagName} = '{tagValue}'

Filter by vpcId or name:

Find (Host|DataStore|Workload) with classification = undefined
  that relates to aws_vpc with vpcId='{vpcId}' or name='{name}'

What are all the resources without encryption with data security tag '{restricted}'?

Find DataStore with encrypted!=true and classification='restricted'

Sometimes it is also interesting to

Find unencrypted data that is non-public:

Find DataStore with encrypted!=true and classification!='Public'

Aggregating Math Functions in the RETURN Clause

This query feature allows you to combine and deduplicate multiple scalar values into a single listing for a column/alias. You can combine multiple (defined) properties into a single property without having to choose to return one property or another.

FIND jira_issue WITH resolvedOn != undefined AND createdOn != undefined AS i 
RETURN AVG(i.resolvedOn - i.createdOn / 86400000) as 'Average Days to Close'

Show all resources without a data classification tag {}?​

Show all resources without a data classification tag in VPC with tag {}?​

What are all the resources without encryption with data security tag '{restricted}'?​

Aggregating Math Functions in the RETURN Clause​

Contents

Show all resources without a data classification tag {}?

Show all resources without a data classification tag in VPC with tag {}?

What are all the resources without encryption with data security tag '{restricted}'?

Aggregating Math Functions in the RETURN Clause