JasonKeirstead
commented
7 years ago I will submit a proposal for this.
Open JasonKeirstead opened 7 years ago
JasonKeirstead
commented
7 years ago I will submit a proposal for this.
MarkDavidson
commented
7 years ago Recommendation:
JasonKeirstead
commented
7 years ago The basic use cases for query by an analyst in my mind are this… in priority order…
a) Find indicators that will match this observation b) Find observations that match this indicator pattern c) Find nodes with this combination of properties (we kind of have this today) d) Find relationships to/from these node(s) e) (b) except with substring matches f) Graph traversal queries ( ie tell me if A and B are connected, and if so, return the path(s) )
If we had this I think we would have > 95% coverage of anything needed to build a robust UI for an analyst
RFE to allow a way to query observed_data objects that match a given SCO pattern. Once the consumer retrieves those objects, they can pull other relationed objects if they desire.