Skip to content

Network Infrastructure Solution Kit - Enhancements April 2026 #82

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
jim-limprasert-tigergraph wants to merge 4 commits into from
Closed

Network Infrastructure Solution Kit - Enhancements April 2026 #82

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
de0324b
network infrastructure: change schema to only have Time_Date and Time…
jim-limprasert-tigergraph Apr 21, 2026
c4f9692
network infra: make the modified loading job and queries compile and …
jim-limprasert-tigergraph Apr 22, 2026
f221476
Network Infrastructure: change schema.json and style.json to match th…
jim-limprasert-tigergraph Apr 22, 2026
85d9e48
Network Infrastructure: add a new png image into meta/images folder.
jim-limprasert-tigergraph Apr 23, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
5 changes: 2 additions & 3 deletions agile_operations/network_infrastructure/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -58,14 +58,13 @@ model and traverse it in real time. This solution kit combines:

- **Time hierarchy**
A time dimension for temporal analysis and visualization:
`Time_Year`, `Time_Date_Month`, `Time_Date`, `Time_Date_Hour`,
`Time_Date_Minute`.
`Time_Date`, `Time_Date_Minute`.

- **Topology and connectivity**
`Connect_To` edges between devices and impact/causal relationships such as:
`Impacts`, `Linked_With_Alert`, `Linked_With_Incident`, `From_Device`,
`To_Device`, plus relationships along the time hierarchy
(`Has_Minute`, `Has_Hour`, `Has_Date`, `Has_Month`, `Has_Year`).
(`Has_Minute`, `Has_Date`).

You can use the included queries as building blocks for operations,
security analysis, and incident investigation - or extend the graph with
Expand Down
58 changes: 8 additions & 50 deletions agile_operations/network_infrastructure/legacy_loading_job/load_data_no_s3.gsql
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -79,10 +79,7 @@ CREATE LOADING JOB load_event_data FOR GRAPH Network_Infrastructure {
event_id,
event_type,
event_timestamp,
event_year,
event_date_month,
event_date,
event_date_hour,
event_date_minute,
impacted_device,
device_from,
Expand All @@ -91,10 +88,7 @@ CREATE LOADING JOB load_event_data FOR GRAPH Network_Infrastructure {
$0,
$1,
$2,
gsql_substring($2, 0, 4),
gsql_substring($2, 0, 7),
gsql_substring($2, 0, 10),
gsql_concat(gsql_substring($2, 0, 13), ":00:00"),
gsql_concat(gsql_substring($2, 0, 16), ":00"),
$3,
$4,
Expand All @@ -104,20 +98,12 @@ CREATE LOADING JOB load_event_data FOR GRAPH Network_Infrastructure {
LOAD TEMP_TABLE event_data_temp
TO VERTEX Event VALUES ($"event_id", $"event_timestamp"),
TO VERTEX Event_Type VALUES ($"event_type"),
TO VERTEX Time_Year VALUES ($"event_year"),
TO VERTEX Time_Date_Month VALUES ($"event_date_month"),
TO VERTEX Time_Date VALUES ($"event_date"),
TO VERTEX Time_Date_Hour VALUES ($"event_date_hour"),
TO VERTEX Time_Date_Minute VALUES ($"event_date_minute"),
TO VERTEX Time_Date VALUES ($"event_date", $"event_date"),
TO VERTEX Time_Date_Minute VALUES ($"event_date_minute", $"event_date_minute"),
TO EDGE Event_Has_Type VALUES ($"event_id", $"event_type"),
TO EDGE Has_Minute VALUES ($"event_id", $"event_date_minute"),
TO EDGE Has_Hour VALUES ($"event_date_minute", $"event_date_hour"),
TO EDGE Has_Date VALUES ($"event_date_hour", $"event_date"),
TO EDGE Has_Month VALUES ($"event_date", $"event_date_month"),
TO EDGE Has_Year VALUES ($"event_date_month", $"event_year"),
TO EDGE Impacts VALUES ($"event_id", $"impacted_device") WHERE gsql_is_not_empty_string($"impacted_device"),
TO EDGE From_Device VALUES ($"event_id", $"device_from") WHERE gsql_is_not_empty_string($"device_from"),
TO EDGE To_Device VALUES ($"event_id", $"device_to") WHERE gsql_is_not_empty_string($"device_to")
TO EDGE Has_Date VALUES ($"event_date_minute", $"event_date"),
TO EDGE Impacts VALUES ($"event_id", $"impacted_device") WHERE gsql_is_not_empty_string($"impacted_device")
;
}

Expand All @@ -129,10 +115,7 @@ CREATE LOADING JOB load_alert_data FOR GRAPH Network_Infrastructure {
alert_id,
alert_type,
alert_timestamp,
alert_year,
alert_date_month,
alert_date,
alert_date_hour,
alert_date_minute,
impacted_device,
device_from,
Expand All @@ -142,10 +125,7 @@ CREATE LOADING JOB load_alert_data FOR GRAPH Network_Infrastructure {
$0,
$1,
$2,
gsql_substring($2, 0, 4),
gsql_substring($2, 0, 7),
gsql_substring($2, 0, 10),
gsql_concat(gsql_substring($2, 0, 13), ":00:00"),
gsql_concat(gsql_substring($2, 0, 16), ":00"),
$3,
$4,
Expand All @@ -158,22 +138,14 @@ CREATE LOADING JOB load_alert_data FOR GRAPH Network_Infrastructure {
TO VERTEX Alert VALUES ($"alert_id", $"severity"),
TO VERTEX Event_Type VALUES ("Alert"),
TO VERTEX Alert_Type VALUES ($"alert_type"),
TO VERTEX Time_Year VALUES ($"alert_year"),
TO VERTEX Time_Date_Month VALUES ($"alert_date_month"),
TO VERTEX Time_Date VALUES ($"alert_date"),
TO VERTEX Time_Date_Hour VALUES ($"alert_date_hour"),
TO VERTEX Time_Date_Minute VALUES ($"alert_date_minute"),
TO EDGE Event_Has_Type VALUES ($"alert_id", "Alert"),
TO EDGE Alert_Has_Type VALUES ($"alert_id", $"alert_type"),
TO EDGE Linked_With_Alert VALUES ($"alert_id", $"alert_id"),
TO EDGE Has_Minute VALUES ($"alert_id", $"alert_date_minute"),
TO EDGE Has_Hour VALUES ($"alert_date_minute", $"alert_date_hour"),
TO EDGE Has_Date VALUES ($"alert_date_hour", $"alert_date"),
TO EDGE Has_Month VALUES ($"alert_date", $"alert_date_month"),
TO EDGE Has_Year VALUES ($"alert_date_month", $"alert_year"),
TO EDGE Impacts VALUES ($"alert_id", $"impacted_device") WHERE gsql_is_not_empty_string($"impacted_device"),
TO EDGE From_Device VALUES ($"alert_id", $"device_from") WHERE gsql_is_not_empty_string($"device_from"),
TO EDGE To_Device VALUES ($"alert_id", $"device_to") WHERE gsql_is_not_empty_string($"device_to")
TO EDGE Has_Date VALUES ($"alert_date_minute", $"alert_date"),
TO EDGE Impacts VALUES ($"alert_id", $"impacted_device") WHERE gsql_is_not_empty_string($"impacted_device")
;
}

Expand All @@ -185,10 +157,7 @@ CREATE LOADING JOB load_incident_data FOR GRAPH Network_Infrastructure {
incident_id,
incident_type,
incident_timestamp,
incident_year,
incident_date_month,
incident_date,
incident_date_hour,
incident_date_minute,
impacted_device,
device_from,
Expand All @@ -198,10 +167,7 @@ CREATE LOADING JOB load_incident_data FOR GRAPH Network_Infrastructure {
$0,
$1,
$2,
gsql_substring($2, 0, 4),
gsql_substring($2, 0, 7),
gsql_substring($2, 0, 10),
gsql_concat(gsql_substring($2, 0, 13), ":00:00"),
gsql_concat(gsql_substring($2, 0, 16), ":00"),
$3,
$4,
Expand All @@ -214,22 +180,14 @@ CREATE LOADING JOB load_incident_data FOR GRAPH Network_Infrastructure {
TO VERTEX Incident VALUES ($"incident_id", $"severity"),
TO VERTEX Event_Type VALUES ("Incident"),
TO VERTEX Incident_Type VALUES ($"incident_type"),
TO VERTEX Time_Year VALUES ($"incident_year"),
TO VERTEX Time_Date_Month VALUES ($"incident_date_month"),
TO VERTEX Time_Date VALUES ($"incident_date"),
TO VERTEX Time_Date_Hour VALUES ($"incident_date_hour"),
TO VERTEX Time_Date_Minute VALUES ($"incident_date_minute"),
TO EDGE Event_Has_Type VALUES ($"incident_id", "Incident"),
TO EDGE Incident_Has_Type VALUES ($"incident_id", $"incident_type"),
TO EDGE Linked_With_Incident VALUES ($"incident_id", $"incident_id"),
TO EDGE Has_Minute VALUES ($"incident_id", $"incident_date_minute"),
TO EDGE Has_Hour VALUES ($"incident_date_minute", $"incident_date_hour"),
TO EDGE Has_Date VALUES ($"incident_date_hour", $"incident_date"),
TO EDGE Has_Month VALUES ($"incident_date", $"incident_date_month"),
TO EDGE Has_Year VALUES ($"incident_date_month", $"incident_year"),
TO EDGE Impacts VALUES ($"incident_id", $"impacted_device") WHERE gsql_is_not_empty_string($"impacted_device"),
TO EDGE From_Device VALUES ($"incident_id", $"device_from") WHERE gsql_is_not_empty_string($"device_from"),
TO EDGE To_Device VALUES ($"incident_id", $"device_to") WHERE gsql_is_not_empty_string($"device_to")
TO EDGE Has_Date VALUES ($"incident_date_minute", $"incident_date"),
TO EDGE Impacts VALUES ($"incident_id", $"impacted_device") WHERE gsql_is_not_empty_string($"impacted_device")
;
}

Expand Down
22 changes: 4 additions & 18 deletions agile_operations/network_infrastructure/loading_job/load_alert_data.gsql
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,10 +14,7 @@ CREATE LOADING JOB load_alert_data FOR GRAPH Network_Infrastructure {
alert_id,
alert_type,
alert_timestamp,
alert_year,
alert_date_month,
alert_date,
alert_date_hour,
alert_date_minute,
impacted_device,
device_from,
Expand All @@ -27,10 +24,7 @@ CREATE LOADING JOB load_alert_data FOR GRAPH Network_Infrastructure {
$0,
$1,
$2,
gsql_substring($2, 0, 4),
gsql_substring($2, 0, 7),
gsql_substring($2, 0, 10),
gsql_concat(gsql_substring($2, 0, 13), ":00:00"),
gsql_concat(gsql_substring($2, 0, 16), ":00"),
$3,
$4,
Expand All @@ -43,22 +37,14 @@ CREATE LOADING JOB load_alert_data FOR GRAPH Network_Infrastructure {
TO VERTEX Alert VALUES ($"alert_id", $"severity"),
TO VERTEX Event_Type VALUES ("Alert"),
TO VERTEX Alert_Type VALUES ($"alert_type"),
TO VERTEX Time_Year VALUES ($"alert_year"),
TO VERTEX Time_Date_Month VALUES ($"alert_date_month"),
TO VERTEX Time_Date VALUES ($"alert_date"),
TO VERTEX Time_Date_Hour VALUES ($"alert_date_hour"),
TO VERTEX Time_Date_Minute VALUES ($"alert_date_minute"),
TO VERTEX Time_Date VALUES ($"alert_date", $"alert_date"),
TO VERTEX Time_Date_Minute VALUES ($"alert_date_minute", $"alert_date_minute"),
TO EDGE Event_Has_Type VALUES ($"alert_id", "Alert"),
TO EDGE Alert_Has_Type VALUES ($"alert_id", $"alert_type"),
TO EDGE Linked_With_Alert VALUES ($"alert_id", $"alert_id"),
TO EDGE Has_Minute VALUES ($"alert_id", $"alert_date_minute"),
TO EDGE Has_Hour VALUES ($"alert_date_minute", $"alert_date_hour"),
TO EDGE Has_Date VALUES ($"alert_date_hour", $"alert_date"),
TO EDGE Has_Month VALUES ($"alert_date", $"alert_date_month"),
TO EDGE Has_Year VALUES ($"alert_date_month", $"alert_year"),
TO EDGE Impacts VALUES ($"alert_id", $"impacted_device") WHERE gsql_is_not_empty_string($"impacted_device"),
TO EDGE From_Device VALUES ($"alert_id", $"device_from") WHERE gsql_is_not_empty_string($"device_from"),
TO EDGE To_Device VALUES ($"alert_id", $"device_to") WHERE gsql_is_not_empty_string($"device_to")
TO EDGE Has_Date VALUES ($"alert_date_minute", $"alert_date"),
TO EDGE Impacts VALUES ($"alert_id", $"impacted_device") WHERE gsql_is_not_empty_string($"impacted_device")
;
}

Expand Down
22 changes: 4 additions & 18 deletions agile_operations/network_infrastructure/loading_job/load_event_data.gsql
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,10 +14,7 @@ CREATE LOADING JOB load_event_data FOR GRAPH Network_Infrastructure {
event_id,
event_type,
event_timestamp,
event_year,
event_date_month,
event_date,
event_date_hour,
event_date_minute,
impacted_device,
device_from,
Expand All @@ -26,10 +23,7 @@ CREATE LOADING JOB load_event_data FOR GRAPH Network_Infrastructure {
$0,
$1,
$2,
gsql_substring($2, 0, 4),
gsql_substring($2, 0, 7),
gsql_substring($2, 0, 10),
gsql_concat(gsql_substring($2, 0, 13), ":00:00"),
gsql_concat(gsql_substring($2, 0, 16), ":00"),
$3,
$4,
Expand All @@ -39,20 +33,12 @@ CREATE LOADING JOB load_event_data FOR GRAPH Network_Infrastructure {
LOAD TEMP_TABLE event_data_temp
TO VERTEX Event VALUES ($"event_id", $"event_timestamp"),
TO VERTEX Event_Type VALUES ($"event_type"),
TO VERTEX Time_Year VALUES ($"event_year"),
TO VERTEX Time_Date_Month VALUES ($"event_date_month"),
TO VERTEX Time_Date VALUES ($"event_date"),
TO VERTEX Time_Date_Hour VALUES ($"event_date_hour"),
TO VERTEX Time_Date_Minute VALUES ($"event_date_minute"),
TO VERTEX Time_Date VALUES ($"event_date", $"event_date"),
TO VERTEX Time_Date_Minute VALUES ($"event_date_minute", $"event_date_minute"),
TO EDGE Event_Has_Type VALUES ($"event_id", $"event_type"),
TO EDGE Has_Minute VALUES ($"event_id", $"event_date_minute"),
TO EDGE Has_Hour VALUES ($"event_date_minute", $"event_date_hour"),
TO EDGE Has_Date VALUES ($"event_date_hour", $"event_date"),
TO EDGE Has_Month VALUES ($"event_date", $"event_date_month"),
TO EDGE Has_Year VALUES ($"event_date_month", $"event_year"),
TO EDGE Impacts VALUES ($"event_id", $"impacted_device") WHERE gsql_is_not_empty_string($"impacted_device"),
TO EDGE From_Device VALUES ($"event_id", $"device_from") WHERE gsql_is_not_empty_string($"device_from"),
TO EDGE To_Device VALUES ($"event_id", $"device_to") WHERE gsql_is_not_empty_string($"device_to")
TO EDGE Has_Date VALUES ($"event_date_minute", $"event_date"),
TO EDGE Impacts VALUES ($"event_id", $"impacted_device") WHERE gsql_is_not_empty_string($"impacted_device")
;
}

Expand Down
22 changes: 4 additions & 18 deletions agile_operations/network_infrastructure/loading_job/load_incident_data.gsql
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,10 +14,7 @@ CREATE LOADING JOB load_incident_data FOR GRAPH Network_Infrastructure {
incident_id,
incident_type,
incident_timestamp,
incident_year,
incident_date_month,
incident_date,
incident_date_hour,
incident_date_minute,
impacted_device,
device_from,
Expand All @@ -27,10 +24,7 @@ CREATE LOADING JOB load_incident_data FOR GRAPH Network_Infrastructure {
$0,
$1,
$2,
gsql_substring($2, 0, 4),
gsql_substring($2, 0, 7),
gsql_substring($2, 0, 10),
gsql_concat(gsql_substring($2, 0, 13), ":00:00"),
gsql_concat(gsql_substring($2, 0, 16), ":00"),
$3,
$4,
Expand All @@ -43,22 +37,14 @@ CREATE LOADING JOB load_incident_data FOR GRAPH Network_Infrastructure {
TO VERTEX Incident VALUES ($"incident_id", $"severity"),
TO VERTEX Event_Type VALUES ("Incident"),
TO VERTEX Incident_Type VALUES ($"incident_type"),
TO VERTEX Time_Year VALUES ($"incident_year"),
TO VERTEX Time_Date_Month VALUES ($"incident_date_month"),
TO VERTEX Time_Date VALUES ($"incident_date"),
TO VERTEX Time_Date_Hour VALUES ($"incident_date_hour"),
TO VERTEX Time_Date_Minute VALUES ($"incident_date_minute"),
TO VERTEX Time_Date VALUES ($"incident_date", $"incident_date"),
TO VERTEX Time_Date_Minute VALUES ($"incident_date_minute", $"incident_date_minute"),
TO EDGE Event_Has_Type VALUES ($"incident_id", "Incident"),
TO EDGE Incident_Has_Type VALUES ($"incident_id", $"incident_type"),
TO EDGE Linked_With_Incident VALUES ($"incident_id", $"incident_id"),
TO EDGE Has_Minute VALUES ($"incident_id", $"incident_date_minute"),
TO EDGE Has_Hour VALUES ($"incident_date_minute", $"incident_date_hour"),
TO EDGE Has_Date VALUES ($"incident_date_hour", $"incident_date"),
TO EDGE Has_Month VALUES ($"incident_date", $"incident_date_month"),
TO EDGE Has_Year VALUES ($"incident_date_month", $"incident_year"),
TO EDGE Impacts VALUES ($"incident_id", $"impacted_device") WHERE gsql_is_not_empty_string($"impacted_device"),
TO EDGE From_Device VALUES ($"incident_id", $"device_from") WHERE gsql_is_not_empty_string($"device_from"),
TO EDGE To_Device VALUES ($"incident_id", $"device_to") WHERE gsql_is_not_empty_string($"device_to")
TO EDGE Has_Date VALUES ($"incident_date_minute", $"incident_date"),
TO EDGE Impacts VALUES ($"incident_id", $"impacted_device") WHERE gsql_is_not_empty_string($"impacted_device")
;
}

Expand Down
Binary file modified ...ions/network_infrastructure/meta/images/Network_Infrastructure_Schema_Image.png
View file
Open in desktop
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Loading