Data security
Below is a brief collection of example J1QL queries relating to surfacing data security findings.
Show all resources without a data classification tag {}?
Find (Host|DataStore) with classification = undefined
Return a count instead:
Find (Host|DataStore) with classification = undefined as e return count(e)
Show all resources without a data classification tag in VPC with tag {}?
Filter by a tag on the VPC:
Find (Host|DataStore|Workload) with classification = undefined
that relates to aws_vpc with tag.{tagName} = '{tagValue}'
Filter by vpcId or name:
Find (Host|DataStore|Workload) with classification = undefined
that relates to aws_vpc with vpcId='{vpcId}' or name='{name}'
What are all the resources without encryption with data security tag '{restricted}'?
Find DataStore with encrypted!=true and classification='restricted'
Sometimes it is also interesting to
Find unencrypted data that is non-public:
Find DataStore with encrypted!=true and classification!='Public'
Aggregating Math Functions in the RETURN Clause
This query feature allows you to combine and deduplicate multiple scalar values into a single listing for a column/alias. You can combine multiple (defined) properties into a single property without having to choose to return one property or another.
FIND jira_issue WITH resolvedOn != undefined AND createdOn != undefined AS i
RETURN AVG(i.resolvedOn - i.createdOn / 86400000) as 'Average Days to Close'