- 22 Jan 2024
- 6 Minutes to read
Managing Custom Relationships
- Updated on 22 Jan 2024
- 6 Minutes to read
Use the Custom Relationships Management page to create and manage custom relationships between assets. The Asset Graph uses asset relationships automatically defined by Axonius, based on the correlated data fetched via the adapters. Use Custom Relationships to define your own relationship types between assets based on your needs and understanding of the environment, business structure, and logical functions.
Most relationships are between assets of different types, such as devices and users. You can also create relationships between assets of the same type. For example, you can create a relationship "Managed by" between users that are managed by other users.
To manage custom relationships, you need the following permissions:
- Under System Management
- View system settings
- Update system settings
- Under each asset type for which you want to create Relationships
- Edit <asset type> relationships
All custom Relationships are listed on the Custom Relationships Management page.
To access the Custom Relationships Management page:
- Click in the top right corner of the platform to open System Settings.
- In the Categories/Subcategories pane of the System Settings page, expand Data, and select Custom Relationships Management. The Custom Relationships Management page opens.
The following information is displayed on the Custom Relationships Management page:
- Relationship Name - The name of the Custom Relationship.
- Source - The source asset type.
- Target - The target asset type.
- Default Relation - Indicates whether the Custom Relationship is set as the default for the relationship between the source and target asset types.
- Source Field - The source field.
- Target Field - The target field.
- Description - An optional description.
- Tags - Displays tags assigned to the Custom Relationship.
- Access - Which Data Scope/Role have access.
See Working with Tables to learn more about tables in Axonius.
A Relationship is how two assets are connected. For example, devices are connected to users based on when they were last used by them. Software is connected to devices if it is installed on them. This connection, the Relationship, is visualized in the Asset Graph as an arrow that indicates the "direction" of the Relationship.
Once a Relationship is created, you can visualize it and expand its connections using the Asset Graph allowing you to investigate environmental dependencies more accurately to help reduce the attack surface.
Multiple Relationships between asset types can be created. You can set one of them to be the default Relationship to make working with these asset type pairs easier. The default will be selected automatically when you explore connections.
Creating a New Custom Relationship
To create a new Relationship:
Click Create New over the right side of the Custom Relationships Managment table. The New Assets Relationship drawer opens.
In Relationship name, enter a name that describes how the asset types can be connected. For example, the relationship between Devices and Users can be "Last used by".
Optionally, click Add description to add a description of the Relationship. It is recommended to describe the relationship between the two asset types.
In Tags, select existing tags or create any new tags you want to assign to the Relationship.
Under Set a Relationship, do the following:
- Under Source, select an asset type module. Then, under Field, select the field whose value will match the field selected under Target.
- Under Target, select an asset type module and under Field the field whose value matches that of the field selected under Source.
Hover over the field names to see the full name.
Enable Set as default relationship to set this Relationship as the default between these asset types.
To test whether the Relationship is valid, click Test Run. The results of the test are displayed in a message box. See Using Test Run.
Click Create Relationship. This Relationship is now available when using the Exploring Connections pane in the Asset Graph.
Using Test Run
When creating a custom Relationship, use Test Run to verify the validity of a custom relationship between assets based on the selected matching field values. The Relationship is tested on the first found assets for each of the selected fields. Some assets may not have a value for the selected field.
When the Test Run is Successful
The test run is successful when the data types of the selected fields are the same (for example, they are both email addresses) and at least one matching value exists before creating the Relationship.
When the test run is successful, a dialog is displayed listing one asset for both the source and target of the Relationship. A link navigates to each asset's profile page in a new browser tab. Click Create to create the custom Relationship.
When the Test Run Fails
When the test run fails, a dialog is displayed stating the reason for failure. For example, if there are no matching values for the selected fields, the test will fail. Even if the test fails, you can still create the Relationship. This is useful when you are creating Relationships for future use. Click Create to create the custom Relationship.
One-Way and Two-Way Relationships
Relationships are one-way and have a source and a target. For example, a device (source) is "accessed by" a user (target), but a user is not "accessed by" a device; the Relationship arrow points from the device toward the user. A device (source) "has" a vulnerability, but a vulnerability (target) does not "have" a device.
To create a two-way Relationship, define another Relationship where the target and source are switched with the corresponding asset types and fields.
For example, you can create a two way Relationship to see which users own a device, and, in the other "direction", to see which devices are owned by a user.
The first "direction" of the two-way relationship - the source device's Owner field to the target user's User Name field:
The other "direction" - the source is the user's User Name field to the target device's Owner field:
These relationships appear in the Custom Relationships Management page as:
They appear in the Asset Graph as:
And they are available in the Expand Options pane in the Asset Graph:
Editing Existing Relationships
You can edit the name, description, and tags of existing Relationships. Only custom Relationships can be edited.
To edit a Relationship:
- Select a Relationship in the Custom Relationships Management table.
- In the header of the Relationship details pane, click the pencil icon.
- Make the changes you want and click Save. Click Test Run before saving to verify the Relationship is valid.
Duplicating and Deleting Relationships
You can duplicate Relationships, as well as, delete them when they are no longer needed. Only custom Relationships can be deleted.
To duplicate a Relationship:
- Do one of the following:
- Select a Relationship in the Custom Relationships Management table. From the Actions menu, select Duplicate.
- When the Relationship details pane is opened, click in the Relationship details header.
- The details of the copy of the Relationship are displayed. "Copy of" is added to the name of the Relationship. You can change the name as well as any other details of the Relationship.
- Click Create Relationship.
To delete a Relationship:
- Do one of the following:
- Select a Relationship in the Custom Relationships Management table. From the Actions menu, select Delete.
- When the details drawer is opened, click in the Relationship details header.
- The Relationship is deleted and no longer available.