Skip to main content
Version: Local Β· In Progress

Database Schema Reference

Auto-generated β€” do not edit. Re-run scripts/generate-db-erd.ts to update.

Summary Stats​

  • Total entities: 133
  • Database: PostgreSQL (TypeORM)
  • Tenant isolation: Schema-per-tenant (search_path)
  • Generated: 2026-04-05T09:31:31.171Z

Entity Catalog​

Entity ClassTable NameModuleDescription
ApiAuditLogapi_audit_logsAdministration & Authβ€”
AuditLogaudit_logAdministration & Authβ€”
IpBlacklistip_blacklistAdministration & Authβ€”
IpWhitelistip_whitelistAdministration & Authβ€”
LicenseConfiglicense_configAdministration & AuthSingleton row (id = 'default') that persists the active license key in the datab
LicenseEventlicense_eventsAdministration & Authβ€”
NotificationConfignotification_configAdministration & AuthNotificationConfig β€” Global notification system configuration Stores SMTP settin
NotificationLognotification_logAdministration & AuthNotificationLog β€” Tracks every notification sent to users Supports in-app and em
NotificationPreferencenotification_preferenceAdministration & AuthNotificationPreference β€” Per-user notification channel preferences Each user can
RolerolesAdministration & Authβ€”
SavedFiltersaved_filtersAdministration & AuthSavedFilter β€” User-scoped saved filter presets for Explore page Each user can sa
SecurityAuditLogsecurity_audit_logsAdministration & Authβ€”
SettingssettingsAdministration & Authβ€”
SsoConfigsso_configAdministration & AuthSingleton row (id = 'default') storing Microsoft Entra ID SSO configuration. Onl
TenantEntitlementtenant_entitlementsAdministration & AuthPer-tenant entitlement record in the public schema. Populated on provisioning, u
TokenBlacklisttoken_blacklistAdministration & Authβ€”
UserusersAdministration & Authβ€”
VfpAuditLogvfp_audit_logAdministration & AuthVfpAuditLog β€” VFP-specific audit trail Records all significant actions within th
AiCacheEntryai_cache_entryAI LabsAiCacheEntry β€” Persists AI response cache entries to survive restarts. Used by a
AiConversationai_conversationAI LabsAiConversation β€” Persistent AI chat conversations Stores multi-turn conversation
AiGovernancePolicyai_governance_policiesAI LabsAiGovernancePolicy β€” An organization-defined policy governing AI tool usage. Pol
AiPromptTemplateai_prompt_templateAI LabsAiPromptTemplate β€” Versioned prompt templates for AI features Each AI feature (f
AiProviderai_providerAI LabsAiProvider β€” Configurable AI provider settings Stores connection details and con
AiRiskai_risksAI LabsAiRisk β€” A detected risk or violation related to AI tool usage. Risks are raised
AiToolai_toolsAI LabsAiTool β€” An AI/ML tool detected or registered within an organization. Tracks AI
AiUsageLogai_usage_logAI LabsAiUsageLog β€” Tracks AI API usage for billing and analytics Records every AI exec
AiUserProviderai_user_providerAI LabsAiUserProvider β€” Per-user AI provider configuration Allows individual users to c
AnomalyDayanomaly_daysAI LabsAnomalyDay tracks days with detected data anomalies (spikes) Used for: - KPI nor
SensitiveDataPatternsensitive_data_patternsAI LabsSensitiveDataPattern - Configurable regex patterns for sensitive data detection.
AppSecCredentialappsec_credentialsAppSec / Pentest ScannerAppSecCredential β€” Centralized credential vault for the AppSec module. Stores na
OsintApiKeyosint_api_keysAppSec / Pentest Scannerβ€”
PentestActivityEventpentest_activity_eventsAppSec / Pentest Scannerβ€”
PentestAgentConfigpentest_agent_configsAppSec / Pentest ScannerPentestAgentConfig - runtime configuration for each attack agent. Each agent (xs
PentestAgentLogpentest_agent_logsAppSec / Pentest ScannerPentestAgentLog - execution log for each agent run within an assessment. Tracks
PentestAssessmentpentest_assessmentsAppSec / Pentest ScannerPentestAssessment - a single penetration test run against a target. Each assessm
PentestAuthProfilepentest_auth_profilesAppSec / Pentest ScannerPentestAuthProfile - authentication configuration for authenticated testing. Sto
PentestCrawlResultpentest_crawl_resultsAppSec / Pentest ScannerPentestCrawlResult - stores crawl discovery data for an assessment. Each row rep
PentestEvidencepentest_evidenceAppSec / Pentest ScannerPentestEvidence - proof artifacts attached to a finding. Each finding can have m
PentestExploitChainpentest_exploit_chainsAppSec / Pentest ScannerPentestExploitChain - a multi-step attack path combining individual findings. Ex
PentestFindingpentest_findingsAppSec / Pentest ScannerPentestFinding - an individual vulnerability discovered during an assessment. Ea
PentestFindingExceptionpentest_finding_exceptionAppSec / Pentest ScannerPentestFindingException β€” AppSec exception / risk acceptance for DAST findings S
PentestFindingObservationpentest_finding_observationAppSec / Pentest ScannerPentestFindingObservation - append-only observation record for scan history inte
PentestReportpentest_reportsAppSec / Pentest ScannerPentestReport - generated assessment report. Reports are generated after an asse
PentestScanTemplatepentest_scan_templateAppSec / Pentest ScannerPentestScanTemplate β€” reusable scan configuration templates for AppSec assessmen
PentestTargetpentest_targetsAppSec / Pentest ScannerPentestTarget - a web application or API endpoint registered for security assess
PentestTestCasepentest_test_casesAppSec / Pentest ScannerPentestTestCase - a reusable test case template that agents execute. Migrated fr
Phase0Sessionpentest_phase0_sessionsAppSec / Pentest ScannerSensitive patterns that trigger encryption of the answer field. */ const SENSIT
ProxyConfigproxy_configAppSec / Pentest ScannerSingleton row (id = 'default') that persists the corporate proxy configuration.
ScannerAgentscanner_agentsAppSec / Pentest ScannerScannerAgent β€” WeaverScan agent registry Each row represents a registered scanne
ScannerAttackPathscanner_attack_pathsAppSec / Pentest ScannerScannerAttackPath β€” Computed attack path analysis Represents a chain of vulnerab
ScannerBenchmarkscanner_benchmarksAppSec / Pentest ScannerScannerBenchmark β€” ground truth database for vulnerability benchmarks. Stores kn
ScannerComplianceAttestationscanner_compliance_attestationsAppSec / Pentest Scannerβ€”
ScannerComplianceSnapshotscanner_compliance_snapshotsAppSec / Pentest ScannerScannerComplianceSnapshot β€” Point-in-time compliance assessment Stores the overa
ScannerConfigscanner_configAppSec / Pentest ScannerScannerConfig β€” stores configuration for each connected vulnerability scanner. E
ScannerConflictscanner_conflictsAppSec / Pentest Scannerβ€”
ScannerContainerscanner_containersAppSec / Pentest ScannerScannerContainer β€” Container tracking for WeaverScan Tracks individual container
ScannerDetectionSignaturescanner_detection_signaturesAppSec / Pentest ScannerScannerDetectionSignature β€” Vulnerability detection rules Each signature describ
ScannerEdrEventscanner_edr_eventsAppSec / Pentest ScannerScannerEdrEvent β€” EDR event tracking for WeaverScan Records endpoint detection a
ScannerEnrollmentTokenscanner_enrollment_tokensAppSec / Pentest ScannerScannerEnrollmentToken β€” One-time or multi-use tokens for agent enrollment Agent
ScannerFalsePositivePatternscanner_false_positive_patternsAppSec / Pentest ScannerScannerFalsePositivePattern β€” False positive suppression rules Defines patterns
ScannerFimRulescanner_fim_rulesAppSec / Pentest ScannerScannerFimRule β€” File Integrity Monitoring rules for WeaverScan Defines which fi
ScannerIntelSyncLogscanner_intel_sync_logAppSec / Pentest ScannerScannerIntelSyncLog β€” Threat intelligence feed sync tracking Records each sync a
ScannerMobileDevicescanner_mobile_devicesAppSec / Pentest ScannerScannerMobileDevice β€” Mobile/IoT device tracking for WeaverScan Tracks mobile de
ScannerNlpPolicyscanner_nlp_policiesAppSec / Pentest Scannerβ€”
ScannerRelayscanner_relaysAppSec / Pentest ScannerScannerRelay β€” WeaverRelay tracking entity Represents a relay node in the Weaver
ScannerRemediationJobscanner_remediation_jobsAppSec / Pentest ScannerScannerRemediationJob β€” Agent-executed remediation tasks Represents an approved
ScannerSbomDriftEventscanner_sbom_drift_eventsAppSec / Pentest ScannerScannerSbomDriftEvent β€” SBOM change detection events When consecutive SBOM snaps
ScannerSbomSnapshotscanner_sbom_snapshotsAppSec / Pentest ScannerScannerSbomSnapshot β€” Point-in-time SBOM capture from an agent Stores the full C
ScannerScanResultscanner_scan_resultsAppSec / Pentest ScannerScannerScanResult β€” Individual scan execution result from an agent Each row repr
ScannerSyncLogscanner_sync_logAppSec / Pentest ScannerScannerSyncLog β€” tracks each sync run for any scanner. Records start time, compl
TargetLearnedContextpentest_target_learned_contextAppSec / Pentest ScannerTargetLearnedContext β€” persists learned intelligence about a pentest target acro
SbomAssetLinksbom_asset_linkCloud SecuritySbomAssetLink β€” Links SBOM components to specific assets Many-to-many relationsh
SbomComponentsbom_componentCloud SecuritySbomComponent β€” Software Bill of Materials component record Represents a single
SbomImportLogsbom_import_logCloud SecuritySbomImportLog β€” Audit trail for SBOM file imports Records every SBOM import oper
AssetassetsExposure ManagementAsset entity for storing vulnerability management asset inventory. Supports mult
AssetGroupasset_groupExposure ManagementAssetGroup β€” Logical grouping of assets by dynamic filter criteria Groups can be
AssetOwnershipasset_ownershipExposure ManagementAssetOwnership β€” Maps assets to owners, teams, and business context Enables rout
AssetTagasset_tagsExposure ManagementAssetTag β€” user-defined tags that can be assigned to assets. Separate from Tenab
ComplianceAssessmentcompliance_assessmentExposure ManagementComplianceAssessment β€” Point-in-time compliance assessment result Records the re
ComplianceFrameworkcompliance_frameworkExposure ManagementComplianceFramework β€” Defines a compliance standard with mapped controls Represe
DashboarddashboardExposure Managementβ€”
DashboardGroupdashboard_groupExposure Managementβ€”
DashboardWidgetdashboard_widgetExposure Managementβ€”
RemediationCampaignremediation_campaignExposure ManagementRemediationCampaign β€” Orchestrates a group of work packages A campaign is a time
RemediationPlaybookremediation_playbookExposure ManagementRemediationPlaybook β€” Step-by-step remediation instructions A playbook provides
ScanscansExposure ManagementScan β€” the core scan definition. Represents a configured scan with targets, cred
ScanAgentTaskscan_agent_tasksExposure ManagementScanAgentTask β€” Remote scan agent task registry Each row represents a scan task
ScanBlackoutWindowscan_blackout_windowsExposure ManagementScanBlackoutWindow β€” time windows during which scans must not run. Blackout wind
ScanChainscan_chainsExposure ManagementScanChainStep β€” a single step within a scan chain pipeline. Each step references
ScanCredentialscan_credentialsExposure ManagementScanCredential β€” encrypted credentials for authenticated scans. Stores SSH keys,
ScanExclusionscan_exclusionsExposure ManagementScanExclusion β€” patterns that exclude specific targets, plugins, or CVEs from sc
ScanFindingscan_findingsExposure ManagementScanFinding β€” individual vulnerability/compliance finding from a scan. Each find
ScanFolderscan_foldersExposure ManagementScanFolder β€” organizational folders for scans. Supports system folders (My Scans
ScanHistoryImportscan_history_importsExposure ManagementTracks individual scan-run imports. Each row represents one Tenable scan history
ScanImportJobscan_import_jobsExposure ManagementTracks bulk scan history import jobs. Each row represents one admin-initiated im
ScanNotificationscan_notificationsExposure ManagementScanNotification β€” Tracks scan-related notifications for users Created automatic
ScanPolicyscan_policiesExposure ManagementScanPolicy β€” custom scan policies for fine-grained check control. Policies defin
ScanResultHostscan_result_hostsExposure ManagementScanResultHost β€” per-host results within a scan run. Each row represents a singl
ScanRunscan_runsExposure ManagementScanRun β€” a single execution instance of a Scan. Each time a scan is launched, a
ScanSchedulescan_schedulesExposure ManagementScanSchedule β€” recurring schedule definitions for scans. Each schedule is linked
ScanTemplatescan_templatesExposure ManagementScanTemplate β€” built-in and custom scan template definitions. Templates define t
SyncJobsync_jobsExposure Managementβ€”
SyncLogsync_logsExposure ManagementVulnerability entity for storing Tenable.io vulnerability data This allows viewi
VfpExceptionvfp_exceptionExposure ManagementVfpException β€” Risk acceptance / exception request Tracks exception requests for
VfpPolicyConfigvfp_policy_configExposure ManagementVfpPolicyConfig β€” Risk scoring policy configuration Stores the weight distributi
VfpRiskScorevfp_risk_scoreExposure ManagementVfpRiskScore β€” Composite risk score per vulnerability instance Stores the comput
VfpTeamvfp_teamExposure ManagementVfpTeam β€” Remediation team for work package assignment Teams group users for ass
VfpTicketLinkvfp_ticket_linkExposure ManagementVfpTicketLink β€” External ticket system integration Links a work package to an ex
VfpValidationRecordvfp_validation_recordExposure ManagementVfpValidationRecord β€” Remediation verification evidence Tracks the validation/ve
VfpWorkPackagevfp_work_packageExposure ManagementVfpWorkPackage β€” Grouped remediation work unit A work package bundles related vu
VfpWorkPackageItemvfp_work_package_itemExposure ManagementVfpWorkPackageItem β€” Individual vulnerability in a work package Each item refere
VulnerabilityvulnerabilitiesExposure ManagementVulnerability entity for storing Tenable.io vulnerability data This allows viewi
VulnerabilityStateTransitionvulnerability_state_transitionsExposure ManagementVulnerabilityStateTransition tracks state changes over time Enhanced to support
VulnerabilityStatsvulnerability_statsExposure ManagementVulnerabilityStats entity for pre-computed daily aggregations This allows fast d
VulnerabilityStatsByCategoryvulnerability_stats_by_categoryExposure ManagementVulnerabilityStatsByCategory stores daily per-category aggregations This enables
WidgetTemplatewidget_templateExposure Managementβ€”
ApiConfigapi_configOperations & Integrationsβ€”
ArchivedDataarchived_dataOperations & Integrationsβ€”
ChunkProgresschunk_progressOperations & IntegrationsChunkProgress entity for tracking individual chunk downloads Enables resume capa
CleanupLogcleanup_logsOperations & Integrationsβ€”
DateExclusiondate_exclusionsOperations & IntegrationsDateExclusion entity - stores excluded dates for dashboard calculations Enhanced
ExportJobexport_jobsOperations & IntegrationsExportJob entity for tracking async export requests Enables background generatio
GeneratedReportgenerated_reportOperations & IntegrationsGeneratedReport β€” A completed report instance with its data Stores the output of
IntegrationConfigintegration_configOperations & IntegrationsIntegrationConfig β€” VFP Phase 10 External Integration Settings Stores configurat
OsCategoryRuleos_category_rulesOperations & Integrationsβ€”
QuarantinedDataquarantined_dataOperations & IntegrationsQuarantinedData entity for storing corrupted or invalid data Enables data integr
ReportTemplatereport_templateOperations & IntegrationsReportTemplate β€” Reusable report layout definition Defines the structure and dat
ScheduledReportscheduled_reportOperations & IntegrationsScheduledReport β€” Recurring report generation configuration Stores user-defined
SlaEscalationsla_escalationOperations & IntegrationsSlaEscalation β€” SLA tracking for individual work packages Records the SLA due da
SlaPolicyConfigsla_policy_configOperations & IntegrationsSlaPolicyConfig β€” SLA policy definitions for vulnerability remediation Defines t
TargetGroupscan_target_groupsOperations & IntegrationsTargetGroup β€” reusable groups of scan targets. Static groups contain explicit IP
WebhookConfigwebhook_configOperations & IntegrationsWebhookConfig β€” VFP Phase 10 Webhook Configuration Stores outbound webhook endpo
WebhookDeliveryLogwebhook_delivery_logOperations & IntegrationsWebhookDeliveryLog β€” VFP Phase 10 Webhook Delivery Tracking Records every outbou

Exposure Management Tables​

42 entities

Entity Relationships (Mermaid ERD)​

Column Reference​

asset_group (AssetGroup)​

AssetGroup β€” Logical grouping of assets by dynamic filter criteria Groups can be defined by filter criteria (e.g. all Linux production servers) and used for bulk work package assignment and reporting.

ColumnTypeNullableNotes
iduuidNoPK
namevarcharNo
descriptiontextYes
filterCriteriajsonbYes
createdByvarcharYes
createdAtvarcharNo
updatedAtvarcharNo

asset_ownership (AssetOwnership)​

AssetOwnership β€” Maps assets to owners, teams, and business context Enables routing vulnerability fix tasks to the correct team/individual. Supports CSV bulk import for enterprise onboarding.

ColumnTypeNullableNotes
iduuidNoPK
assetUuidvarcharNo
ownerEmailvarcharYes
ownerTeamvarcharYes
businessUnitvarcharYes
environmentvarcharYes
criticalityvarcharNo
tagsjsonbYes
importedAttimestampYes
createdAtvarcharNo
updatedAtvarcharNo

asset_tags (AssetTag)​

AssetTag β€” user-defined tags that can be assigned to assets. Separate from Tenable-synced tags (which live in Asset.tags text column). These are local custom tags created in ThreatWeaver.

ColumnTypeNullableNotes
iduuidNoPK
keyvarcharNo
valuevarcharNo
colorvarcharYes
descriptiontextYes
assetUuidssimple-arrayYes
createdByuuidYes
createdAtvarcharNo
updatedAtvarcharNo

assets (Asset)​

Asset entity for storing vulnerability management asset inventory. Supports multi-platform ingestion (Tenable, Qualys, Rapid7, CrowdStrike, etc.) Core fields are normalized across tools; tool-specific

ColumnTypeNullableNotes
uuidvarcharNoPK
idvarcharYes
hostnamevarcharYes
ipv4simple-arrayYes
ipv6simple-arrayYes
fqdnsimple-arrayYes
operatingSystemvarcharYes
hasAgentbooleanNo
lastSeentimestampYes
lastAuthenticatedScanDatetimestampYes
lastLicensedScanDatetimestampYes
sourcestextYes
tagstextYes
isLicensedbooleanNo
assetTypevarcharYes
acrScorefloatYes
aesScorefloatYes
systemTypevarcharYes
agentNamevarcharYes
netbiosNamevarcharYes
macAddressestextYes
networkIdvarcharYes
installedSoftwaretextYes
sshFingerprintvarcharYes
isPublicbooleanYes
terminatedAttimestampYes
lastScanTimetimestampYes
firstObservedtimestampYes
sourceToolvarcharNo
sourceToolAssetIdvarcharYes
toolSpecificDatatextYes
syncJobIdvarcharYes
createdAtvarcharNo
updatedAtvarcharNo

compliance_assessment (ComplianceAssessment)​

ComplianceAssessment β€” Point-in-time compliance assessment result Records the results of running a compliance assessment against a framework. Tracks per-control pass/fail and overall compliance score,

ColumnTypeNullableNotes
iduuidNoPK
frameworkIdvarcharNo
assessmentDatetimestampNo
totalControlsintegerNo
passedControlsintegerNo
failedControlsintegerNo
notApplicableintegerNo
complianceScoredecimalNo
findingsjsonbYes
createdByvarcharNo
createdAtvarcharNo

compliance_framework (ComplianceFramework)​

ComplianceFramework β€” Defines a compliance standard with mapped controls Represents a compliance framework (e.g., PCI-DSS 4.0, SOC 2, HIPAA, ISO 27001) with its control mappings. Controls can be linke

ColumnTypeNullableNotes
iduuidNoPK
namevarcharNo
versionvarcharYes
descriptiontextYes
controlsjsonbNo
isActivebooleanNo
createdByvarcharNo
createdAtvarcharNo
updatedAtvarcharNo

dashboard (Dashboard)​

ColumnTypeNullableNotes
iduuidNoPK
namevarcharNo
descriptiontextYes
slugvarcharNo
ownerIduuidNo
groupIduuidYes
isDefaultbooleanNo
isTemplatebooleanNo
isSystembooleanNo
isSharedbooleanNo
layoutjsonbNo
filtersjsonbNo
categoryvarcharYes
moduleTagvarcharYes
tagssimple-arrayNo
usageCountintegerNo
createdAtvarcharNo
updatedAtvarcharNo
deletedAttimestampYes

Relations:

  • owner: ManyToOne β†’ User

dashboard_group (DashboardGroup)​

ColumnTypeNullableNotes
iduuidNoPK
namevarcharNo
ownerIduuidNo
sortOrderintegerNo
createdAtvarcharNo

Relations:

  • owner: ManyToOne β†’ User

dashboard_widget (DashboardWidget)​

ColumnTypeNullableNotes
iduuidNoPK
dashboardIduuidNo
templateIduuidYes
namevarcharNo
descriptiontextYes
chartTypevarcharNo
dataSourcevarcharNo
configjsonbNo
positionjsonbNo
refreshIntervalintegerNo
createdAtvarcharNo
updatedAtvarcharNo

Relations:

  • dashboard: ManyToOne β†’ Dashboard

remediation_campaign (RemediationCampaign)​

RemediationCampaign β€” Orchestrates a group of work packages A campaign is a time-bound effort to remediate a set of vulnerabilities, grouping multiple work packages under a shared target date and trac

ColumnTypeNullableNotes
iduuidNoPK
namevarcharNo
descriptiontextYes
targetDatedateYes
statusvarcharNo
metricsjsonbYes
createdByvarcharNo
createdAtvarcharNo
updatedAtvarcharNo

remediation_playbook (RemediationPlaybook)​

RemediationPlaybook β€” Step-by-step remediation instructions A playbook provides structured remediation steps for a class of vulnerabilities, including commands, rollback procedures, and validation che

ColumnTypeNullableNotes
iduuidNoPK
namevarcharNo
vulnClassvarcharYes
osFamilyvarcharYes
appFamilyvarcharYes
stepsjsonbNo
rollbackjsonbYes
validationStepsjsonbYes
createdByvarcharNo
createdAtvarcharNo
updatedAtvarcharNo

scan_agent_tasks (ScanAgentTask)​

ScanAgentTask β€” Remote scan agent task registry Each row represents a scan task assigned to a remote scan agent. Tasks are dispatched from the gateway, acknowledged by the agent, and results reported

ColumnTypeNullableNotes
iduuidNoPK
agentIduuidNo
assessmentIduuidYes
scanRunIduuidYes
taskTypevarcharNo
targetUrltextNo
targetScopejsonbNo
scanConfigjsonbNo
priorityvarcharNo
statusvarcharNo
assignedAttimestampYes
acknowledgedAttimestampYes
startedAttimestampYes
completedAttimestampYes
progressintegerNo
endpointsDiscoveredintegerNo
endpointsScannedintegerNo
requestsSentintegerNo
findingsCountintegerNo
hostsScannedintegerNo
portsScannedintegerNo
servicesDetectedintegerNo
summaryjsonbYes
errorMessagetextYes
durationSecondsintegerYes
timeoutSecondsintegerNo
maxRequestsintegerNo
createdAtvarcharNo
updatedAtvarcharNo

scan_blackout_windows (ScanBlackoutWindow)​

ScanBlackoutWindow β€” time windows during which scans must not run. Blackout windows can be global (affect all scans), scoped to a specific scan, or scoped to a folder. Supports recurring windows (e.g.

ColumnTypeNullableNotes
iduuidNoPK
namevarcharNo
scopevarcharNo
scopeIduuidYes
startTimevarcharNo
endTimevarcharNo
timezonevarcharNo
daysOfWeekjsonbNo
startDatedateYes
endDatedateYes
isRecurringbooleanNo
isActivebooleanNo
createdByuuidYes
createdAtvarcharNo

scan_chains (ScanChain)​

ScanChainStep β€” a single step within a scan chain pipeline. Each step references a scan to launch, with a trigger condition based on the previous step's outcome, optional target passthrough, and a del

ColumnTypeNullableNotes
iduuidNoPK
namevarcharNo
descriptiontextYes
stepsjsonbNo
isActivebooleanNo
createdByvarcharNo
createdAtvarcharNo
updatedAtvarcharNo

scan_credentials (ScanCredential)​

ScanCredential β€” encrypted credentials for authenticated scans. Stores SSH keys, Windows NTLM, SNMP v3, database credentials, etc. Credentials are AES-256 encrypted at rest. Can be scoped to specific

ColumnTypeNullableNotes
iduuidNoPK
namevarcharNo
descriptiontextYes
credentialTypevarcharNo
credentialsEncryptedtextNo
scopejsonbYes
createdByuuidYes
isSharedbooleanNo
lastTestedAttimestampYes
lastTestResultvarcharYes
createdAtvarcharNo
updatedAtvarcharNo

scan_exclusions (ScanExclusion)​

ScanExclusion β€” patterns that exclude specific targets, plugins, or CVEs from scanning. Exclusions can be global (affect all scans), scoped to a specific scan, or scoped to a folder. Every exclusion r

ColumnTypeNullableNotes
iduuidNoPK
namevarcharNo
excludeTypevarcharNo
patterntextNo
scopevarcharNo
scopeIduuidYes
reasontextNo
expiresAttimestampYes
isActivebooleanNo
createdByvarcharNo
createdAtvarcharNo
updatedAtvarcharNo

scan_findings (ScanFinding)​

ScanFinding β€” individual vulnerability/compliance finding from a scan. Each finding is tied to a ScanRun + ScanResultHost and captures full vulnerability details: CVE/CWE IDs, CVSS scores, EPSS probab

ColumnTypeNullableNotes
iduuidNoPK
scanRunIduuidNo
hostIduuidNo
checkIdvarcharYes
pluginIdvarcharYes
namevarcharNo
descriptiontextYes
familyvarcharYes
cveIdsjsonbNo
cweIdsjsonbNo
severityvarcharNo
cvssV3ScorerealYes
cvssV3VectorvarcharYes
epssScorerealYes
weaverScorerealYes
solutiontextYes
referencesjsonbNo
pluginOutputtextYes
portintegerYes
protocolvarcharYes
servicevarcharYes
findingStatusvarcharNo
firstSeenAttimestampNo
lastSeenAttimestampNo
exploitAvailablebooleanNo
exploitMaturityvarcharYes
malwareAssociatedbooleanNo
inCisaKevbooleanNo
complianceFrameworkvarcharYes
complianceControlvarcharYes
complianceStatusvarcharYes
complianceEvidencetextYes
isFalsePositivebooleanNo
feedbackNotetextYes
feedbackByvarcharYes
feedbackAttimestampYes
createdAtvarcharNo

scan_folders (ScanFolder)​

ScanFolder β€” organizational folders for scans. Supports system folders (My Scans, All Scans, Trash), custom user folders, and smart folders with dynamic filter rules. Folders can be nested via parentI

ColumnTypeNullableNotes
iduuidNoPK
namevarcharNo
typevarcharNo
ownerIduuidYes
parentIduuidYes
iconvarcharYes
sortOrderintegerNo
smartFilterjsonbYes
createdAtvarcharNo

scan_history_imports (ScanHistoryImport)​

Tracks individual scan-run imports. Each row represents one Tenable scan history entry that was (or is being) imported. The UNIQUE(scan_id, history_id) constraint prevents re-importing the same scan r

ColumnTypeNullableNotes
idintNoPK
importJobIdvarcharNo
scanIdintNo
scanNamevarcharYes
historyIdintNo
scanDatetimestamptzNo
findingsCountintNo
statusvarcharNo
errortextYes
processedAttimestamptzYes
createdAttimestamptzNo

scan_import_jobs (ScanImportJob)​

Tracks bulk scan history import jobs. Each row represents one admin-initiated import job which may process multiple scan runs. Progress counters are updated in real-time during import. Status lifecycl

ColumnTypeNullableNotes
idvarcharNoPK
statusvarcharNo
totalRunsintNo
processedRunsintNo
failedRunsintNo
skippedRunsintNo
totalFindingsintNo
selectedScanIdsjsonbYes
dateRangeStarttimestamptzYes
dateRangeEndtimestamptzYes
dryRunbooleanNo
startedByvarcharYes
startedAttimestamptzYes
completedAttimestamptzYes
errortextYes
createdAttimestamptzNo

scan_notifications (ScanNotification)​

ScanNotification β€” Tracks scan-related notifications for users Created automatically by the NotificationManager when scan events occur (critical findings, scan complete, scan failed, schedule triggere

ColumnTypeNullableNotes
iduuidNoPK
userIdvarcharNo
typevarcharNo
titlevarcharNo
messagetextYes
metadatajsonbYes
readbooleanNo
readAttimestampYes
createdAtvarcharNo

scan_policies (ScanPolicy)​

ScanPolicy β€” custom scan policies for fine-grained check control. Policies define which check families are enabled/disabled, severity overrides for specific checks, and custom check definitions. A sca

ColumnTypeNullableNotes
iduuidNoPK
namevarcharNo
descriptiontextYes
createdByuuidYes
checkFamiliesjsonbNo
severityOverridesjsonbNo
customChecksjsonbNo
createdAtvarcharNo
updatedAtvarcharNo

scan_result_hosts (ScanResultHost)​

ScanResultHost β€” per-host results within a scan run. Each row represents a single host that was scanned during a ScanRun. Tracks host identification (IP, hostname, OS), scan status, finding counts by

ColumnTypeNullableNotes
iduuidNoPK
scanRunIduuidNo
ipAddressvarcharYes
hostnamevarcharYes
osDetectedvarcharYes
macAddressvarcharYes
statusvarcharNo
startedAttimestampYes
completedAttimestampYes
findingsCriticalintegerNo
findingsHighintegerNo
findingsMediumintegerNo
findingsLowintegerNo
findingsInfointegerNo
riskScorerealYes
openPortsjsonbNo
createdAtvarcharNo

scan_runs (ScanRun)​

ScanRun β€” a single execution instance of a Scan. Each time a scan is launched, a new ScanRun is created with an incrementing runNumber. Tracks progress, duration, host counts, and finding severity bre

ColumnTypeNullableNotes
iduuidNoPK
scanIduuidNo
runNumberintegerNo
statusvarcharNo
progressrealNo
startedAttimestampYes
completedAttimestampYes
durationSecondsintegerYes
totalHostsintegerNo
hostsCompletedintegerNo
hostsFailedintegerNo
findingsCriticalintegerNo
findingsHighintegerNo
findingsMediumintegerNo
findingsLowintegerNo
findingsInfointegerNo
segmentsjsonbNo
engineIdvarcharYes
engineTypevarcharYes
logtextYes
createdAtvarcharNo
updatedAtvarcharNo

scan_schedules (ScanSchedule)​

ScanSchedule β€” recurring schedule definitions for scans. Each schedule is linked to a Scan via scanId and defines the frequency, timing, and timezone for automatic scan execution. The scheduler servic

ColumnTypeNullableNotes
iduuidNoPK
scanIduuidNo
namevarcharYes
frequencyvarcharNo
configjsonbNo
isActivebooleanNo
nextRunAttimestampYes
lastRunAttimestampYes
createdAtvarcharNo
updatedAtvarcharNo

scan_templates (ScanTemplate)​

ScanTemplate β€” built-in and custom scan template definitions. Templates define the default configuration for a scan type (e.g. Quick Scan, Full Vulnerability Scan, CIS Benchmark). Built-in templates a

ColumnTypeNullableNotes
iduuidNoPK
namevarcharNo
slugvarcharNo
descriptiontextYes
categoryvarcharNo
scanTypevarcharNo
iconvarcharYes
estimatedDurationMinutesintegerYes
isBuiltinbooleanNo
isCustombooleanNo
createdByuuidYes
configjsonbNo
createdAtvarcharNo
updatedAtvarcharNo

scans (Scan)​

Scan β€” the core scan definition. Represents a configured scan with targets, credentials, schedule, and results. Each scan can be launched multiple times, producing ScanRun records. Status follows the

ColumnTypeNullableNotes
iduuidNoPK
namevarcharNo
descriptiontextYes
folderIduuidYes
templateIduuidYes
policyIduuidYes
createdByuuidYes
targetsjsonbNo
targetGroupIdsjsonbNo
excludedTargetsjsonbNo
credentialIdsjsonbNo
configjsonbNo
scheduleTypevarcharNo
scheduleConfigjsonbYes
nextRunAttimestampYes
statusvarcharNo
progressrealNo
startedAttimestampYes
completedAttimestampYes
durationSecondsintegerYes
totalHostsintegerNo
hostsCompletedintegerNo
hostsFailedintegerNo
findingsCriticalintegerNo
findingsHighintegerNo
findingsMediumintegerNo
findingsLowintegerNo
findingsInfointegerNo
maxConcurrentHostsintYes
maxChecksPerHostintYes
networkTimeoutMsintYes
retryCountintYes
bandwidthLimitKbpsintYes
scanPriorityintNo
scanEnginevarcharNo
engineConfigjsonbYes
tagsjsonbNo
notificationsjsonbNo
createdAtvarcharNo
updatedAtvarcharNo

sync_jobs (SyncJob)​

ColumnTypeNullableNotes
iduuidNoPK
statusvarcharNo
ingestionStatusvarcharNo
statsStatusvarcharNo
triggerTypevarcharNo
scopevarcharNo
dateRangeStartdateYes
dateRangeEnddateYes
progressintNo
totalRecordsintNo
processedRecordsintNo
apiCallsCountintNo
phasevarcharNo
recordsInsertedintNo
recordsUpdatedintNo
recordsSkippedintNo
recordsFailedintNo
statusMessagetextYes
errorMessagetextYes
triggeredByvarcharYes
createdAtvarcharNo
startedAttimestampYes
completedAttimestampYes
updatedAtvarcharNo

sync_logs (SyncLog)​

Vulnerability entity for storing Tenable.io vulnerability data This allows viewing real IPs, hostnames, and downloading raw data UNIQUE CONSTRAINT: instanceKey (sha256 of assetUuid:pluginId:port:proto

ColumnTypeNullableNotes
iduuidNoPK
syncJobIdvarcharNo
endpointvarcharNo
statusvarcharNo
durationMsintYes
recordCountintNo
triggerTypevarcharNo
triggeredByvarcharYes
errorMessagetextYes
timestampvarcharNo

vfp_exception (VfpException)​

VfpException β€” Risk acceptance / exception request Tracks exception requests for vulnerabilities that cannot be remediated. Includes compensating controls assessment, approval workflow, and expiration

ColumnTypeNullableNotes
iduuidNoPK
workPackageIduuidYes
instanceKeyvarcharYes
cveIdvarcharYes
assetIdvarcharYes
reasontextNo
compensatingControlsjsonbYes
questionnairejsonbYes
statusvarcharNo
requestedByvarcharNo
reviewedByvarcharYes
reviewedAttimestampYes
expiresAttimestampYes
extendedAttimestampYes
extendedByvarcharYes
createdAtvarcharNo
updatedAtvarcharNo

vfp_policy_config (VfpPolicyConfig)​

VfpPolicyConfig β€” Risk scoring policy configuration Stores the weight distribution and threshold breakpoints used by the VFP composite risk scoring engine. Only one policy may be active at a time (isA

ColumnTypeNullableNotes
iduuidNoPK
policyNamevarcharNo
weightsJsonjsonbNo
thresholdsjsonbNo
isActivebooleanNo
createdByvarcharYes
createdAtvarcharNo
updatedAtvarcharNo

vfp_risk_score (VfpRiskScore)​

VfpRiskScore β€” Composite risk score per vulnerability instance Stores the computed composite score and all input factors used by the scoring engine. Each row represents one scored vulnerability instan

ColumnTypeNullableNotes
iduuidNoPK
instanceKeyvarcharNo
pluginIdvarcharYes
cveIdvarcharYes
cvssdecimalYes
vprdecimalYes
severityvarcharNo
ageInDaysintNo
kevExploitedbooleanNo
epssScoredecimalYes
exposureScopevarcharNo
assetCriticalityvarcharNo
compensatingControlsbooleanNo
hasPatchbooleanNo
compositeScoredecimalNo
driversJsonjsonbNo
computedAttimestampNo
policyConfigIdvarcharYes
sourceScannervarcharNo
createdAtvarcharNo

vfp_team (VfpTeam)​

VfpTeam β€” Remediation team for work package assignment Teams group users for assigning work packages. Members are stored as a JSON array of { userId, name, role }.

ColumnTypeNullableNotes
iduuidNoPK
namevarcharNo
descriptiontextYes
ownerIdvarcharYes
ownerNamevarcharYes
membersjsonbNo
createdByvarcharNo
createdAtvarcharNo
updatedAtvarcharNo

VfpTicketLink β€” External ticket system integration Links a work package to an external ticket (Jira, ServiceNow). The idempotencyKey (sha256 of workPackageId:provider:projectKey) prevents duplicate ti

ColumnTypeNullableNotes
iduuidNoPK
workPackageIduuidNo
providervarcharNo
externalTicketIdvarcharNo
externalUrlvarcharYes
statusvarcharNo
idempotencyKeyvarcharYes
lastSyncAttimestampYes
createdAtvarcharNo
updatedAtvarcharNo

vfp_validation_record (VfpValidationRecord)​

VfpValidationRecord β€” Remediation verification evidence Tracks the validation/verification step after a work package has been remediated. Stores evidence URLs, rescan scheduling, and the final closure

ColumnTypeNullableNotes
iduuidNoPK
workPackageIduuidNo
evidenceUrlsjsonbYes
notestextYes
rescanPlannedAttimestampYes
validatedByvarcharYes
validatedAttimestampYes
closureReportjsonbYes
createdAtvarcharNo
updatedAtvarcharNo

vfp_work_package (VfpWorkPackage)​

VfpWorkPackage β€” Grouped remediation work unit A work package bundles related vulnerability instances into a single actionable unit that can be assigned, ticketed, tracked, and validated through its l

ColumnTypeNullableNotes
iduuidNoPK
namevarcharNo
descriptiontextYes
statusvarcharNo
assignedTeamvarcharYes
assignedOwnervarcharYes
campaignIduuidYes
createdByvarcharNo
lockedAttimestampYes
closedAttimestampYes
createdAtvarcharNo
updatedAtvarcharNo

vfp_work_package_item (VfpWorkPackageItem)​

VfpWorkPackageItem β€” Individual vulnerability in a work package Each item references a specific vulnerability instance (by instanceKey) included in a parent work package. Denormalized fields (hostname

ColumnTypeNullableNotes
iduuidNoPK
workPackageIduuidNo
instanceKeyvarcharNo
pluginIdvarcharYes
cveIdvarcharYes
hostnamevarcharYes
severityvarcharNo
riskScoredecimalYes
sourceScannervarcharYes
createdAtvarcharNo

vulnerabilities (Vulnerability)​

Vulnerability entity for storing Tenable.io vulnerability data This allows viewing real IPs, hostnames, and downloading raw data UNIQUE CONSTRAINT: instanceKey (sha256 of assetUuid:pluginId:port:proto

ColumnTypeNullableNotes
iduuidNoPK
instanceKeyvarcharYes
findingIdvarcharYes
assetUuidvarcharNo
hostnamevarcharYes
ipv4simple-arrayYes
ipv6simple-arrayYes
operatingSystemvarcharYes
fqdnsimple-arrayYes
pluginIdintNo
pluginNamevarcharNo
pluginFamilyvarcharYes
descriptiontextYes
solutiontextYes
portintYes
protocolvarcharYes
servicevarcharYes
severityvarcharNo
severityIdintNo
cvssBaseScoredecimalYes
cvss3BaseScoredecimalYes
vprScorefloatYes
cvesimple-arrayYes
cveIdstextYes
exploitAvailablebooleanNo
hasPatchbooleanNo
statevarcharNo
firstFoundtimestampYes
lastFoundtimestampYes
lastFixedtimestampYes
firstFixedObservedAttimestampYes
syncJobIdvarcharYes
osCategoryvarcharYes
sourcevarcharYes
dataChecksumvarcharYes
versionintNo
lastSeenAttimestampYes
createdAtvarcharNo
updatedAtvarcharNo

vulnerability_state_transitions (VulnerabilityStateTransition)​

VulnerabilityStateTransition tracks state changes over time Enhanced to support instanceKey-based tracking and detailed event metadata Used for: - Historical trend computation (correct snapshots) - MT

ColumnTypeNullableNotes
iduuidNoPK
instanceKeyvarcharYes
assetUuidvarcharNo
pluginIdintNo
portintNo
protocolvarcharNo
previousStatevarcharYes
newStatevarcharNo
oldLastFoundtimestampYes
newLastFoundtimestampYes
oldLastFixedtimestampYes
newLastFixedtimestampYes
syncJobIdvarcharYes
reasonTagvarcharYes
sourcevarcharNo
hasPatchbooleanYes
severityvarcharYes
pluginFamilyvarcharYes
transitionedAtvarcharNo

vulnerability_stats (VulnerabilityStats)​

VulnerabilityStats entity for pre-computed daily aggregations This allows fast dashboard loading without processing 100k+ records in realtime

ColumnTypeNullableNotes
datedateNoPK
totalActiveintNo
totalNewintNo
totalRemediatedintNo
totalResurfacedintNo
patchableNewintNo
unpatchableNewintNo
patchableRemediatedintNo
unpatchableRemediatedintNo
patchableResurfacedintNo
unpatchableResurfacedintNo
totalRemediatedCumulativeintNo
criticalCountintNo
highCountintNo
mediumCountintNo
lowCountintNo
infoCountintNo
patchableActiveintNo
unpatchableActiveintNo
patchableCriticalintNo
patchableHighintNo
unpatchableCriticalintNo
unpatchableHighintNo
patchableMediumintNo
patchableLowintNo
patchableInfointNo
unpatchableMediumintNo
unpatchableLowintNo
unpatchableInfointNo
reopenedCountintNo
meanTimeToRemediatefloatNo
osCountssimple-jsonYes
dataSourcevarcharNo
syncJobIdvarcharYes
computedAtvarcharNo

vulnerability_stats_by_category (VulnerabilityStatsByCategory)​

VulnerabilityStatsByCategory stores daily per-category aggregations This enables correct historical trend computation - trends are computed from these snapshots, NOT derived from current state Categor

ColumnTypeNullableNotes
datedateNoPK
osCategoryvarcharNoPK
totalActiveintNo
totalNewintNo
totalRemediatedintNo
totalResurfacedintNo
patchableNewintNo
unpatchableNewintNo
patchableRemediatedintNo
unpatchableRemediatedintNo
patchableResurfacedintNo
unpatchableResurfacedintNo
criticalCountintNo
highCountintNo
mediumCountintNo
lowCountintNo
infoCountintNo
patchableActiveintNo
unpatchableActiveintNo
patchableCriticalintNo
patchableHighintNo
unpatchableCriticalintNo
unpatchableHighintNo
patchableMediumintNo
patchableLowintNo
patchableInfointNo
unpatchableMediumintNo
unpatchableLowintNo
unpatchableInfointNo
validRemediationsintNo
mttrHoursdecimalYes
mttrHoursValidOnlydecimalYes
dataSourcevarcharNo
syncJobIdvarcharYes
computedAtvarcharNo

widget_template (WidgetTemplate)​

ColumnTypeNullableNotes
iduuidNoPK
namevarcharNo
descriptiontextYes
categoryvarcharNo
chartTypevarcharNo
dataSourcevarcharNo
configjsonbNo
isSystembooleanNo
previewIconvarcharYes
tagssimple-arrayNo
usageCountintegerNo
createdByuuidYes
createdAtvarcharNo
updatedAtvarcharNo

AppSec / Pentest Scanner Tables​

42 entities

Entity Relationships (Mermaid ERD)​

Column Reference​

appsec_credentials (AppSecCredential)​

AppSecCredential β€” Centralized credential vault for the AppSec module. Stores named credentials (username/password, bearer token, or API key) that can be referenced from auth profiles and ScanContext

ColumnTypeNullableNotes
iduuidNoPK
organizationIduuidNo
namevarcharNo
descriptionvarcharYes
targetUrlvarcharYes
credTypevarcharNo
usernametextYes
passwordEncryptedtextYes
tokenEncryptedtextYes
loginUrlvarcharYes
loginPayloadTemplatetextYes
tokenExtractionPathvarcharYes
createdAtvarcharNo
updatedAtvarcharNo

osint_api_keys (OsintApiKey)​

ColumnTypeNullableNotes
iduuidNoPK
organizationIdvarcharYes
serviceNamevarcharNo
displayNamevarcharNo
apiKeytextNo
enabledbooleanNo
lastValidatedAttimestampYes
lastValidationStatusvarcharYes
lastUsedAttimestampYes
usageCountintNo
metadatajsonbYes
createdAtvarcharNo
updatedAtvarcharNo

pentest_activity_events (PentestActivityEvent)​

ColumnTypeNullableNotes
iduuidNoPK
assessmentIdvarcharNo
organizationIdvarcharNo
eventTypevarcharNo
datajsonbNo
createdAtvarcharNo

pentest_agent_configs (PentestAgentConfig)​

PentestAgentConfig - runtime configuration for each attack agent. Each agent (xssHunter, sqliProber, etc.) has a default config row that controls its behavior: whether it's enabled, max requests per s

ColumnTypeNullableNotes
iduuidNoPK
organizationIduuidYes
agentNamevarcharNo
displayNamevarcharNo
descriptiontextYes
categoryvarcharNo
enabledbooleanNo
maxRequestsPerSecondintegerNo
maxTotalRequestsintegerNo
timeoutSecondsintegerNo
aggressivenessvarcharNo
owaspCoveragejsonbNo
defaultPayloadSetvarcharYes
configjsonbNo
assessmentTypesjsonbNo
executionPhaseintegerNo
createdAtvarcharNo
updatedAtvarcharNo

pentest_agent_logs (PentestAgentLog)​

PentestAgentLog - execution log for each agent run within an assessment. Tracks the lifecycle of each agent's execution: start, progress, findings produced, errors encountered, and completion. Used fo

ColumnTypeNullableNotes
iduuidNoPK
assessmentIduuidNo
agentNamevarcharNo
displayNamevarcharNo
statusvarcharNo
progressrealNo
requestsSentintegerNo
requestsSuccessintegerNo
requestsFailedintegerNo
endpointsTestedintegerNo
rawFindingsCountintegerNo
validatedFindingsCountintegerNo
startedAttimestampYes
completedAttimestampYes
durationMsintegerYes
errorMessagetextYes
errorStacktextYes
retryCountintegerNo
wasRateLimitedbooleanNo
wasWafBlockedbooleanNo
configSnapshotjsonbYes
coverageDatajsonbYes
createdAtvarcharNo

pentest_assessments (PentestAssessment)​

PentestAssessment - a single penetration test run against a target. Each assessment represents one lifecycle of: queue -> profile -> plan -> attack -> validate -> chain -> complete. Assessments track

ColumnTypeNullableNotes
iduuidNoPK
organizationIduuidNo
targetIduuidNo
namevarcharNo
applicationNamevarcharYes
assessmentTypevarcharNo
statusvarcharNo
progressrealNo
currentPhasevarcharYes
configjsonbNo
aiResidencyModevarcharNo
priorityintegerNo
encryptionConfigjsonbYes
startedAttimestampYes
completedAttimestampYes
durationSecondsintegerYes
attackPlanjsonbYes
aiUsagejsonbNo
findingsTotalintegerNo
findingsCriticalintegerNo
findingsHighintegerNo
findingsMediumintegerNo
findingsLowintegerNo
findingsInfointegerNo
exploitChainsFoundintegerNo
agentsTotalintegerNo
agentsCompletedintegerNo
agentsFailedintegerNo
totalRequestsSentintegerNo
targetProfilejsonbYes
errorMessagetextYes
errorLogjsonbNo
tagsjsonbNo
createdByuuidYes
scanContextjsonbYes
parentAssessmentIduuidYes
baselineAssessmentIduuidYes
runNumberintegerNo
pausedAtPhasevarcharYes
lastCheckpointAttimestamptzYes
scheduleFrequencyvarcharYes
scheduleEnabledbooleanNo
scheduleNextRuntimestampYes
scheduleLastRuntimestampYes
scheduleConfigjsonbYes
phaseDurationsjsonbYes
requiresManualReviewbooleanNo
createdAtvarcharNo
updatedAtvarcharNo

pentest_auth_profiles (PentestAuthProfile)​

PentestAuthProfile - authentication configuration for authenticated testing. Stores credentials and auth flow details needed to maintain authenticated sessions during assessment. Supports multiple aut

ColumnTypeNullableNotes
iduuidNoPK
organizationIduuidNo
namevarcharNo
authTypevarcharNo
privilegeLevelvarcharNo
privilegeLabelvarcharYes
tokenValueEncryptedtextYes
tokenTypevarcharYes
loginUrlvarcharYes
usernameFieldvarcharYes
passwordFieldvarcharYes
usernametextYes
passwordtextYes
oauthConfigjsonbYes
apiKeytextYes
apiKeyLocationvarcharYes
apiKeyNamevarcharYes
bearerTokentextYes
customAuthFlowjsonbYes
totpSecrettextYes
backupCodesjsonbYes
multiUserContextsjsonbNo
verifiedbooleanNo
lastVerifiedAttimestampYes
createdByuuidYes
createdAtvarcharNo
updatedAtvarcharNo

pentest_crawl_results (PentestCrawlResult)​

PentestCrawlResult - stores crawl discovery data for an assessment. Each row represents a single crawled page, including its extracted links, forms, scripts, and response metadata. Used by agents to d

ColumnTypeNullableNotes
iduuidNoPK
assessmentIduuidNo
targetIduuidNo
organizationIduuidNo
urlvarcharNo
canonicalUrlvarcharNo
depthintegerNo
statusCodeintegerNo
contentTypevarcharYes
responseTimeMsintegerNo
titlevarcharYes
bodyLengthintegerNo
linksjsonbNo
formsjsonbNo
scriptsjsonbNo
headersjsonbNo
discoveryMethodvarcharNo
createdAtvarcharNo

pentest_evidence (PentestEvidence)​

PentestEvidence - proof artifacts attached to a finding. Each finding can have multiple evidence items: the HTTP request/response that triggered the vulnerability, screenshots, HAR files, OOB callback

ColumnTypeNullableNotes
iduuidNoPK
findingIduuidYes
assessmentIduuidNo
evidenceTypevarcharNo
titlevarcharNo
httpRequesttextYes
httpResponsetextYes
statusCodeintegerYes
responseTimeMsintegerYes
blobContenttextYes
mimeTypevarcharYes
structuredDatajsonbYes
highlighttextYes
highlightOffsetintegerYes
sortOrderintegerNo
createdAtvarcharNo

pentest_exploit_chains (PentestExploitChain)​

PentestExploitChain - a multi-step attack path combining individual findings. Exploit chains represent the real-world impact of vulnerabilities when combined. For example: info disclosure (leak admin

ColumnTypeNullableNotes
iduuidNoPK
organizationIduuidNo
assessmentIduuidNo
titlevarcharNo
narrativetextYes
severityvarcharNo
impactScorerealNo
findingIdsjsonbNo
stepsjsonbNo
mitreTechniquesjsonbNo
businessImpacttextYes
prerequisitesjsonbNo
confidencerealNo
discoveryMethodvarcharNo
proofStatusvarcharNo
executionEvidencejsonbYes
createdAtvarcharNo
updatedAtvarcharNo

pentest_finding_exception (PentestFindingException)​

PentestFindingException β€” AppSec exception / risk acceptance for DAST findings Separate from VfpException (which handles CVE-based vulnerability management). This entity handles CWE-based, endpoint-sp

ColumnTypeNullableNotes
iduuidNoPK
organizationIduuidNo
targetIduuidNo
dedupHashvarcharNo
findingIduuidYes
findingTitlevarcharNo
findingSeverityvarcharNo
vulnTypevarcharYes
endpointvarcharYes
reasontextNo
compensatingControlstextYes
requestedByuuidNo
requestedAttimestampNo
statusvarcharNo
reviewedByuuidYes
reviewedAttimestampYes
reviewCommenttextYes
secondReviewedByuuidYes
secondReviewedAttimestampYes
secondReviewCommenttextYes
requiresSecondReviewbooleanNo
expiresAttimestampNo
originalDaysGrantedintegerYes
createdAtvarcharNo
updatedAtvarcharNo

pentest_finding_observation (PentestFindingObservation)​

PentestFindingObservation - append-only observation record for scan history intelligence. Each completed scan writes one observation per finding it detects ('present') and one per finding from the pre

ColumnTypeNullableNotes
iduuidNoPK
organizationIduuidNo
targetIduuidNo
assessmentIduuidNo
dedupHashvarcharNo
semanticHashvarcharYes
findingIduuidYes
severityvarcharNo
confidencerealNo
statusvarcharNo
titlevarcharYes
vulnTypevarcharYes
scanCoveragerealYes
observedAttimestampNo
createdAtvarcharNo

pentest_findings (PentestFinding)​

PentestFinding - an individual vulnerability discovered during an assessment. Each finding is produced by an attack agent, then validated by the validation engine with a confidence score. Findings can

ColumnTypeNullableNotes
iduuidNoPK
organizationIduuidNo
assessmentIduuidNo
targetIduuidNo
titlevarcharNo
descriptiontextYes
vulnTypevarcharNo
severityvarcharNo
cvssScorerealYes
cvssVectorvarcharYes
cweIdsjsonbNo
owaspCategoryvarcharYes
owaspApiCategoryvarcharYes
owaspLlmCategoryvarcharYes
endpointvarcharNo
httpMethodvarcharNo
parametervarcharYes
parameterLocationvarcharYes
confidencerealNo
validationMethodvarcharNo
confidenceTiervarcharNo
statusvarcharNo
isFalsePositivebooleanNo
discoveredByvarcharNo
contributingAgentsjsonbNo
payloadtextYes
dedupHashvarcharYes
semanticHashvarcharYes
historyStatusvarcharYes
sourcesjsonbYes
multiEngineConfirmedbooleanNo
remediationjsonbYes
referencesjsonbNo
weaverScorerealYes
businessImpactjsonbYes
lastRetestAttimestampYes
retestStatusvarcharYes
feedbackNotetextYes
feedbackByuuidYes
feedbackAttimestampYes
slaDeadlinetimestampYes
slaBreachedbooleanNo
slaBreachedAttimestampYes
firstSeenAttimestampNo
lastSeenAttimestampNo
createdAtvarcharNo
updatedAtvarcharNo

pentest_phase0_sessions (Phase0Session)​

Sensitive patterns that trigger encryption of the answer field. */ const SENSITIVE_ANSWER_PATTERNS = /password|token|secret|credential|bearer|api.?key|authorization/i function getPhase0EncryptionKey()

ColumnTypeNullableNotes
iduuidNoPK
assessmentIduuidNo
organizationIduuidYes
phasevarcharNo
questiontextNo
answertextYes
answeredAttimestamptzYes
timeoutSecondsintNo
timedOutbooleanNo
metadatajsonbYes
discoveredSubdomainsjsonbYes
dnsIntelligencejsonbYes
historicalEndpointsjsonbYes
detectedAiServicesjsonbYes
createdAttimestamptzNo

pentest_reports (PentestReport)​

PentestReport - generated assessment report. Reports are generated after an assessment completes and can be in multiple formats (PDF, HTML, JSON). They include executive summaries, technical findings,

ColumnTypeNullableNotes
iduuidNoPK
organizationIduuidNo
assessmentIduuidNo
titlevarcharNo
reportTypevarcharNo
formatvarcharNo
statusvarcharNo
executiveSummarytextYes
contenttextYes
reportMetadatajsonbNo
complianceFrameworksjsonbNo
filePathvarcharYes
fileSizeBytesintegerYes
fileHashvarcharYes
sharedWithjsonbNo
isSharedExternallybooleanNo
errorMessagetextYes
generatedByuuidYes
createdAtvarcharNo
updatedAtvarcharNo

pentest_scan_template (PentestScanTemplate)​

PentestScanTemplate β€” reusable scan configuration templates for AppSec assessments. Users can create custom templates specifying which agents to run, budget levels, crawl depth, AI planning toggles, e

ColumnTypeNullableNotes
iduuidNoPK
organizationIduuidNo
namevarcharNo
descriptiontextYes
isDefaultbooleanNo
baseTypevarcharNo
enabledAgentsjsonbNo
budgetLevelvarcharNo
customBudgetsjsonbYes
maxCrawlPagesintegerNo
maxCrawlDepthintegerNo
scanTimeoutMinutesintegerYes
enableAiPlanningbooleanNo
enableChainAnalysisbooleanNo
enableMultiPassbooleanNo
enableHeadlessCrawlbooleanNo
prioritizeSpecEndpointsbooleanNo
enableIntelligentDiscoverybooleanNo
enableApiVersionMirroringbooleanNo
createdByuuidYes
usageCountintegerNo
lastUsedAttimestampYes
createdAtvarcharNo
updatedAtvarcharNo

pentest_target_learned_context (TargetLearnedContext)​

TargetLearnedContext β€” persists learned intelligence about a pentest target across multiple scans. Populated during Phase 0 discovery (OSINT, sector detection, schema field harvesting). Unique per (ta

ColumnTypeNullableNotes
iduuidNoPK
targetIduuidNo
organizationIduuidYes
sectorvarcharYes
subsectorvarcharYes
attackPatternsjsonbNo
osintSubdomainsjsonbNo
osintPortsjsonbNo
harvestedSchemaFieldsjsonbNo
bootstrapStrategyvarcharYes
discoveredEndpointsjsonbNo
authPatternsjsonbNo
productiveResourceIdsjsonbNo
scanIntelligencejsonbNo
createdAttimestamptzNo
updatedAttimestamptzNo

pentest_targets (PentestTarget)​

PentestTarget - a web application or API endpoint registered for security assessment. Each target represents a single root URL or API base that can be assessed. Targets belong to an organization (mult

ColumnTypeNullableNotes
iduuidNoPK
organizationIduuidNo
namevarcharNo
descriptiontextYes
baseUrlvarcharNo
targetTypevarcharNo
environmentvarcharNo
statusvarcharNo
ownershipVerifiedbooleanNo
verificationMethodvarcharYes
techStackjsonbNo
apiSpecUrltextYes
apiSpecjsonbYes
scopeIncludesjsonbNo
scopeExcludesjsonbNo
respectRobotsTxtbooleanNo
maxCrawlPagesintegerNo
maxCrawlDepthintegerNo
authProfileIduuidYes
totalAssessmentsintegerNo
lastAssessmentAttimestampYes
openFindingsintegerNo
tagsjsonbNo
metadatajsonbNo
createdByuuidYes
createdAtvarcharNo
updatedAtvarcharNo

pentest_test_cases (PentestTestCase)​

PentestTestCase - a reusable test case template that agents execute. Migrated from the reference codebase's 1,953 SQL test cases + 57-part seed files. Each test case defines a specific vulnerability c

ColumnTypeNullableNotes
iduuidNoPK
testCaseIdvarcharNo
titlevarcharNo
descriptiontextYes
vulnTypevarcharNo
owaspCategoryvarcharYes
owaspApiCategoryvarcharYes
cweIdsjsonbNo
riskLevelvarcharNo
agentIdvarcharNo
phasevarcharNo
payloadsjsonbNo
detectionMethodvarcharNo
expectedPatternsjsonbNo
applicableMethodsjsonbNo
applicableLocationsjsonbNo
isActivebooleanNo
sourcevarcharNo
versionintNo
tagsjsonbNo
remediationTemplatetextYes
referencesjsonbNo
createdAtvarcharNo
updatedAtvarcharNo

proxy_config (ProxyConfig)​

Singleton row (id = 'default') that persists the corporate proxy configuration. Supports HTTP and SOCKS5 proxies with optional authentication. Password is stored encrypted via AES-256-GCM (crypto.ts).

ColumnTypeNullableNotes
idvarcharNoPK
enabledbooleanNo
proxyTypevarcharNo
proxyUrlvarcharYes
proxyPortintYes
authUsernamevarcharYes
authPasswordtextYes
noProxyListtextNo
useForDnsbooleanNo
lastTestedAttimestampYes
lastTestResultvarcharYes
createdAtvarcharNo
updatedAtvarcharNo

scanner_agents (ScannerAgent)​

ScannerAgent β€” WeaverScan agent registry Each row represents a registered scanner agent running on a target host. Agents authenticate via mTLS certificate and report heartbeats, SBOM snapshots, and sc

ColumnTypeNullableNotes
iduuidNoPK
hostnamevarcharNo
biosUuidvarcharYes
macAddressvarcharYes
ipAddressvarcharYes
osNamevarcharYes
osFamilyvarcharYes
archvarcharYes
agentVersionvarcharNo
statusvarcharNo
assetIduuidYes
certificateFingerprintvarcharYes
lastHeartbeattimestampYes
lastScanAttimestampYes
scanIntervalMinutesintegerNo
tagsjsonbNo
cpuUsagePercentfloatYes
memoryUsageMbfloatYes
diskUsageMbfloatYes
uptimeintegerYes
cloudInstanceIdvarcharYes
connectionTypevarcharNo
maxConcurrentTasksintegerNo
currentTaskCountintegerNo
jwtFingerprintvarcharYes
capabilitiesjsonbNo
networkZonevarcharYes
lastErrortextYes
totalScansCompletedintegerNo
totalFindingsReportedintegerNo
agentNamevarcharYes
createdAtvarcharNo
updatedAtvarcharNo

scanner_attack_paths (ScannerAttackPath)​

ScannerAttackPath β€” Computed attack path analysis Represents a chain of vulnerabilities across assets that an attacker could exploit to move laterally. Includes MITRE ATT&CK technique mapping and a co

ColumnTypeNullableNotes
iduuidNoPK
namevarcharNo
descriptiontextYes
severityvarcharNo
scorefloatNo
hopsjsonbNo
startAssetvarcharYes
targetAssetvarcharYes
mitreTechniquesjsonbNo
statusvarcharNo
computedAttimestampNo
createdAtvarcharNo
updatedAtvarcharNo

scanner_benchmarks (ScannerBenchmark)​

ScannerBenchmark β€” ground truth database for vulnerability benchmarks. Stores known vulnerabilities per intentionally-vulnerable app (dvws-node, crAPI, etc.) so the scanner can compare its findings ag

ColumnTypeNullableNotes
iduuidNoPK
appNamevarcharNo
vulnNamevarcharNo
vulnTypevarcharNo
owaspCategoryvarcharNo
endpointvarcharYes
httpMethodvarcharYes
dastDetectablebooleanNo
statusvarcharNo
notestextYes
sourceUrlvarcharYes
createdAtvarcharNo
updatedAtvarcharNo

scanner_compliance_attestations (ScannerComplianceAttestation)​

ColumnTypeNullableNotes
iduuidNoPK
frameworkvarcharNo
statusvarcharNo
scorefloatNo
findingsjsonbNo
attestedByvarcharYes
attestedAttimestampYes
validUntiltimestampYes
scanScopejsonbNo
evidencePackageUrlvarcharYes
clientIdintegerNo
createdAtvarcharNo
updatedAtvarcharNo

scanner_compliance_snapshots (ScannerComplianceSnapshot)​

ScannerComplianceSnapshot β€” Point-in-time compliance assessment Stores the overall compliance score and per-control pass/fail results for a given framework (PCI-DSS, SOC2, HIPAA, ISO 27001, NIST CSF,

ColumnTypeNullableNotes
iduuidNoPK
frameworkIdvarcharNo
overallScorefloatNo
passedControlsintegerNo
failedControlsintegerNo
notApplicableControlsintegerNo
detailsjsonbNo
assessedAttimestampNo
createdAtvarcharNo

scanner_config (ScannerConfig)​

ScannerConfig β€” stores configuration for each connected vulnerability scanner. Each row represents one scanner instance (e.g. "Tenable Production", "Qualys Dev"). Credentials are stored encrypted in J

ColumnTypeNullableNotes
iduuidNoPK
slugvarcharNo
displayNamevarcharNo
adapterTypevarcharNo
baseUrlvarcharYes
credentialsEncryptedjsonbYes
syncSchedulevarcharYes
batchSizeintegerNo
isActivebooleanNo
healthStatusvarcharNo
lastSyncAttimestampYes
createdAtvarcharNo
updatedAtvarcharNo

scanner_conflicts (ScannerConflict)​

ColumnTypeNullableNotes
iduuidNoPK
cvevarcharNo
sourceAvarcharNo
sourceBvarcharNo
findingAjsonbNo
findingBjsonbNo
severityAvarcharNo
severityBvarcharNo
scannerSourcesjsonbYes
severityValuesjsonbYes
conflictTypevarcharYes
resolutionvarcharNo
resolvedByvarcharYes
resolvedAttimestampYes
mergedSeverityvarcharYes
notestextYes
createdAtvarcharNo
updatedAtvarcharNo

scanner_containers (ScannerContainer)​

ScannerContainer β€” Container tracking for WeaverScan Tracks individual containers running on agents. Supports Docker, containerd, and CRI-O runtimes. Links to Kubernetes metadata (namespace, pod, clus

ColumnTypeNullableNotes
iduuidNoPK
containerIdvarcharNo
containerNamevarcharYes
imageNamevarcharNo
imageTagvarcharNo
imageDigestvarcharYes
hostAgentIduuidNo
runtimevarcharNo
statusvarcharNo
namespacevarcharYes
podNamevarcharYes
clusterNamevarcharYes
vulnerabilityCountintegerNo
criticalCountintegerNo
highCountintegerNo
mediumCountintegerNo
lowCountintegerNo
sbomGeneratedbooleanNo
lastScannedAttimestampYes
layersjsonbNo
portsjsonbNo
environmentjsonbNo
createdAtvarcharNo
updatedAtvarcharNo

scanner_detection_signatures (ScannerDetectionSignature)​

ScannerDetectionSignature β€” Vulnerability detection rules Each signature describes how to detect a specific CVE on an asset, e.g. by checking installed package versions, config files, or registry keys

ColumnTypeNullableNotes
iduuidNoPK
cveIdvarcharNo
detectionTypevarcharNo
packageNamevarcharYes
ecosystemvarcharYes
affectedVersionsvarcharYes
fixedVersionvarcharYes
osFiltervarcharYes
detectionLogicjsonbYes
sourcevarcharNo
confidencefloatNo
requiresReviewbooleanNo
isActivebooleanNo
dataSourcesvarcharYes
sourceForCvssvarcharYes
sourceForPackagevarcharYes
reviewedByvarcharYes
reviewedAttimestampYes
createdAtvarcharNo
updatedAtvarcharNo

scanner_edr_events (ScannerEdrEvent)​

ScannerEdrEvent β€” EDR event tracking for WeaverScan Records endpoint detection and response events ingested from agents. Covers process execution, file changes, network connections, registry modificat

ColumnTypeNullableNotes
iduuidNoPK
agentIduuidNo
eventTypevarcharNo
severityvarcharNo
processNamevarcharYes
processPathvarcharYes
processHashvarcharYes
parentProcessNamevarcharYes
userIdvarcharYes
commandLinetextYes
filePathvarcharYes
fileActionvarcharYes
networkDestIpvarcharYes
networkDestPortintegerYes
networkProtocolvarcharYes
yaraRuleMatchvarcharYes
mitreAttackIdvarcharYes
detailsjsonbNo
acknowledgedbooleanNo
detectedAttimestampNo
createdAtvarcharNo
updatedAtvarcharNo

scanner_enrollment_tokens (ScannerEnrollmentToken)​

ScannerEnrollmentToken β€” One-time or multi-use tokens for agent enrollment Agents present an enrollment token on first contact to register themselves. Tokens can be scoped with tags that auto-apply to

ColumnTypeNullableNotes
iduuidNoPK
tokenvarcharNo
namevarcharNo
descriptiontextYes
maxUsesintegerNo
usedCountintegerNo
expiresAttimestampYes
isActivebooleanNo
createdByvarcharNo
tagsjsonbNo
createdAtvarcharNo
updatedAtvarcharNo

scanner_false_positive_patterns (ScannerFalsePositivePattern)​

ScannerFalsePositivePattern β€” False positive suppression rules Defines patterns for suppressing known false positives in scan results, e.g. a CVE that doesn't apply to a specific package/OS combinatio

ColumnTypeNullableNotes
iduuidNoPK
patternTypevarcharNo
cveIdvarcharYes
packageNamevarcharYes
pluginFamilyvarcharYes
assetFilterjsonbYes
reasontextNo
suppressionCountintegerNo
isActivebooleanNo
createdByvarcharNo
createdAtvarcharNo
updatedAtvarcharNo

scanner_fim_rules (ScannerFimRule)​

ScannerFimRule β€” File Integrity Monitoring rules for WeaverScan Defines which file paths agents should monitor for changes. Each rule specifies watch paths, exclusions, actions to monitor, and the sev

ColumnTypeNullableNotes
iduuidNoPK
namevarcharNo
descriptiontextYes
watchPathsjsonbNo
excludePathsjsonbNo
fileActionsjsonbNo
alertSeverityvarcharNo
isActivebooleanNo
createdByvarcharNo
createdAtvarcharNo
updatedAtvarcharNo

scanner_intel_sync_log (ScannerIntelSyncLog)​

ScannerIntelSyncLog β€” Threat intelligence feed sync tracking Records each sync attempt from external intel sources (NVD, GitHub Advisories, CISA KEV, EPSS, Red Hat OVAL, etc.) with counts and error de

ColumnTypeNullableNotes
iduuidNoPK
sourcevarcharNo
statusvarcharNo
recordsFetchedintegerNo
recordsNewintegerNo
recordsUpdatedintegerNo
errorMessagetextYes
startedAttimestampNo
completedAttimestampYes
createdAtvarcharNo

scanner_mobile_devices (ScannerMobileDevice)​

ScannerMobileDevice β€” Mobile/IoT device tracking for WeaverScan Tracks mobile devices (iOS, Android, ChromeOS) and IoT endpoints registered via MDM providers (Jamf, Intune, Workspace ONE) or manual en

ColumnTypeNullableNotes
iduuidNoPK
deviceNamevarcharNo
deviceTypevarcharNo
osVersionvarcharYes
mdmProvidervarcharYes
mdmDeviceIdvarcharYes
serialNumbervarcharYes
modelvarcharYes
manufacturervarcharYes
complianceStatusvarcharNo
lastCheckintimestampYes
isJailbrokenbooleanNo
isEncryptedbooleanNo
installedAppsjsonbNo
securityPatchLevelvarcharYes
assetIduuidYes
tagsjsonbNo
createdAtvarcharNo
updatedAtvarcharNo

scanner_nlp_policies (ScannerNlpPolicy)​

ColumnTypeNullableNotes
iduuidNoPK
namevarcharNo
descriptiontextNo
ruleTexttextNo
parsedConditionsjsonbYes
compiledRulesjsonbYes
severityvarcharYes
enabledbooleanNo
statusvarcharNo
targetScopevarcharYes
createdByvarcharYes
violationCountintNo
lastEvaluatedAttimestampYes
createdAtvarcharNo
updatedAtvarcharNo

scanner_relays (ScannerRelay)​

ScannerRelay β€” WeaverRelay tracking entity Represents a relay node in the WeaverScan network. Relays act as local aggregation points for agents, buffering scan results and distributing intelligence DB

ColumnTypeNullableNotes
iduuidNoPK
namevarcharNo
hostnamevarcharNo
ipAddressvarcharYes
statusvarcharNo
relayTypevarcharNo
uplinkRelayIduuidYes
connectedAgentsintegerNo
bufferSizeMbfloatNo
bufferCapacityMbfloatNo
lastIntelDbUpdatetimestampYes
intelDbVersionvarcharYes
lastHeartbeattimestampYes
tlsCertFingerprintvarcharYes
lastExportAttimestampYes
tagsjsonbNo
splitTunnelConfigjsonbYes
createdAtvarcharNo
updatedAtvarcharNo

scanner_remediation_jobs (ScannerRemediationJob)​

ScannerRemediationJob β€” Agent-executed remediation tasks Represents an approved (or pending) remediation action to be executed by a scanner agent, such as updating a package, applying a patch, or roll

ColumnTypeNullableNotes
iduuidNoPK
agentIduuidNo
vulnerabilityIdvarcharYes
cveIdvarcharYes
packageNamevarcharYes
actionvarcharNo
commandtextNo
statusvarcharNo
approvedByvarcharYes
rejectedByvarcharYes
rejectedReasontextYes
approvedAttimestampYes
executedAttimestampYes
completedAttimestampYes
rolledBackAttimestampYes
rollbackCommandtextYes
targetVersionvarcharYes
resultjsonbYes
outputtextYes
errorMessagetextYes
dryRunbooleanNo
createdByvarcharNo
createdAtvarcharNo
updatedAtvarcharNo

scanner_sbom_drift_events (ScannerSbomDriftEvent)​

ScannerSbomDriftEvent β€” SBOM change detection events When consecutive SBOM snapshots differ, drift events are generated for each package added, removed, or changed. Used for change tracking and securi

ColumnTypeNullableNotes
iduuidNoPK
agentIduuidNo
driftTypevarcharNo
packageNamevarcharNo
previousVersionvarcharYes
newVersionvarcharYes
ecosystemvarcharYes
riskLevelvarcharNo
acknowledgedbooleanNo
acknowledgedByvarcharYes
acknowledgedAttimestampYes
detectedAttimestampNo
createdAtvarcharNo

scanner_sbom_snapshots (ScannerSbomSnapshot)​

ScannerSbomSnapshot β€” Point-in-time SBOM capture from an agent Stores the full CycloneDX (or SPDX) SBOM payload submitted by an agent after a software inventory scan. Used for drift detection and vuln

ColumnTypeNullableNotes
iduuidNoPK
agentIduuidNo
formatvarcharNo
packageCountintegerNo
checksumvarcharNo
sbomDatajsonbNo
collectedAttimestampNo
createdAtvarcharNo

scanner_scan_results (ScannerScanResult)​

ScannerScanResult β€” Individual scan execution result from an agent Each row represents one scan run (vulnerability, config, or drift). Contains severity counts and optional raw engine output for foren

ColumnTypeNullableNotes
iduuidNoPK
agentIduuidNo
scanTypevarcharNo
scanEnginevarcharNo
statusvarcharNo
findingsCountintegerNo
criticalCountintegerNo
highCountintegerNo
mediumCountintegerNo
lowCountintegerNo
infoCountintegerNo
scanDurationMsintegerYes
packageCountintegerYes
rawOutputjsonbYes
errorMessagetextYes
startedAttimestampNo
completedAttimestampYes
createdAtvarcharNo

scanner_sync_log (ScannerSyncLog)​

ScannerSyncLog β€” tracks each sync run for any scanner. Records start time, completion, status, and counts of processed/new/updated vulns. Used for audit trail, debugging sync issues, and monitoring sy

ColumnTypeNullableNotes
iduuidNoPK
scannerSlugvarcharNo
startedAttimestampNo
completedAttimestampYes
statusvarcharNo
vulnsProcessedintegerNo
vulnsNewintegerNo
vulnsUpdatedintegerNo
errorMessagetextYes
createdAtvarcharNo

AI Labs Tables​

11 entities

Entity Relationships (Mermaid ERD)​

Column Reference​

ai_cache_entry (AiCacheEntry)​

AiCacheEntry β€” Persists AI response cache entries to survive restarts. Used by aiCache.service.ts for warm cache loading on startup.

ColumnTypeNullableNotes
keyvarcharNoPK
responsetextNo
categoryvarcharNo
keywordssimple-arrayYes
hitCountintegerNo
ttlMsbigintNo
createdAtvarcharNo

ai_conversation (AiConversation)​

AiConversation β€” Persistent AI chat conversations Stores multi-turn conversations between users and the AI assistant. Each conversation has a feature context (defaults to 'chat') and can carry vulnera

ColumnTypeNullableNotes
iduuidNoPK
userIdvarcharNo
titlevarcharYes
featurevarcharNo
messagesjsonbNo
contextjsonbYes
statusvarcharNo
createdAtvarcharNo
updatedAtvarcharNo

ai_governance_policies (AiGovernancePolicy)​

AiGovernancePolicy β€” An organization-defined policy governing AI tool usage. Policies can operate as allowlists, blocklists, usage limits, or data classification rules. Each policy contains a set of r

ColumnTypeNullableNotes
iduuidNoPK
organizationIduuidNo
namevarcharNo
policyTypevarcharNo
scopevarcharNo
rulesjsonbNo
isEnabledbooleanNo
enforcementModevarcharNo
createdByuuidYes
createdAtvarcharNo
updatedAtvarcharNo

ai_prompt_template (AiPromptTemplate)​

AiPromptTemplate β€” Versioned prompt templates for AI features Each AI feature (fix_plan, ticket_writer, exec_summary, root_cause, exception_assistant, chat) has associated prompt templates with {{vari

ColumnTypeNullableNotes
iduuidNoPK
namevarcharNo
featurevarcharNo
systemPrompttextNo
userPromptTemplatetextNo
variablesjsonbYes
versionintegerNo
isActivebooleanNo
createdByvarcharNo
createdAtvarcharNo
updatedAtvarcharNo

ai_provider (AiProvider)​

AiProvider β€” Configurable AI provider settings Stores connection details and configuration for different AI providers (OpenAI, Anthropic, Local LLM, etc.). One provider can be marked as the default fo

ColumnTypeNullableNotes
iduuidNoPK
namevarcharNo
slugvarcharNo
apiEndpointvarcharYes
modelIdvarcharYes
apiKeyvarcharYes
isActivebooleanNo
isDefaultbooleanNo
maxTokensintegerNo
temperaturedecimalNo
configjsonbYes
createdAtvarcharNo
updatedAtvarcharNo

ai_risks (AiRisk)​

AiRisk β€” A detected risk or violation related to AI tool usage. Risks are raised when AI tools are used in ways that violate policy: shadow AI usage, data leakage, unauthorized models, policy violatio

ColumnTypeNullableNotes
iduuidNoPK
organizationIduuidNo
aiToolIduuidYes
riskTypevarcharNo
severityvarcharNo
titlevarcharNo
descriptiontextYes
affectedUsersjsonbYes
evidencejsonbYes
statusvarcharNo
detectedAttimestampNo
mitigatedAttimestampYes
createdAtvarcharNo
updatedAtvarcharNo

ai_tools (AiTool)​

AiTool β€” An AI/ML tool detected or registered within an organization. Tracks AI tools in use across the organization, whether discovered automatically (via SBOM, DNS monitoring, network traffic analys

ColumnTypeNullableNotes
iduuidNoPK
organizationIduuidNo
namevarcharNo
vendorvarcharYes
categoryvarcharNo
statusvarcharNo
detectionMethodvarcharNo
dataClassificationvarcharNo
usersCountintegerYes
riskScoreintegerNo
metadatajsonbYes
firstSeenAttimestampYes
lastSeenAttimestampYes
createdAtvarcharNo
updatedAtvarcharNo

ai_usage_log (AiUsageLog)​

AiUsageLog β€” Tracks AI API usage for billing and analytics Records every AI execution with token counts, latency, provider info, and status. Enables usage dashboards, cost tracking, and rate limiting.

ColumnTypeNullableNotes
iduuidNoPK
userIdvarcharNo
featurevarcharNo
providerIdvarcharYes
modelIdvarcharYes
inputTokensintegerNo
outputTokensintegerNo
totalTokensintegerNo
latencyMsintegerNo
statusvarcharNo
errorMessagetextYes
metadatajsonbYes
promptRawtextYes
promptSanitizedtextYes
systemPrompttextYes
responsetextYes
sanitizationAppliedbooleanNo
providerTypevarcharYes
responseSourcevarcharYes
createdAtvarcharNo

ai_user_provider (AiUserProvider)​

AiUserProvider β€” Per-user AI provider configuration Allows individual users to configure their own AI models (e.g., local Ollama, LM Studio) without affecting other users. The system resolves provider

ColumnTypeNullableNotes
iduuidNoPK
userIdvarcharNo
namevarcharNo
providerTypevarcharNo
apiEndpointvarcharNo
modelIdvarcharYes
apiKeyvarcharYes
isActivebooleanNo
isPreferredbooleanNo
maxTokensintegerNo
temperaturedecimalNo
configjsonbYes
createdAtvarcharNo
updatedAtvarcharNo

anomaly_days (AnomalyDay)​

AnomalyDay tracks days with detected data anomalies (spikes) Used for: - KPI normalization (exclude anomaly days from counts) - Spike investigation and root cause analysis - Automated detection based

ColumnTypeNullableNotes
datedateNoPK
fixedCountintNo
baselineAvgdecimalYes
baselineStddevdecimalYes
classificationvarcharNo
statusvarcharNo
suspectedCausevarcharYes
distinctPluginsAffectedintYes
distinctAssetsAffectedintYes
notestextYes
createdAtvarcharNo

sensitive_data_patterns (SensitiveDataPattern)​

SensitiveDataPattern - Configurable regex patterns for sensitive data detection. Supports built-in patterns (shipped with app), industry-specific patterns, and user-created custom patterns. Used by th

ColumnTypeNullableNotes
iduuidNoPK
organizationIduuidYes
namevarcharNo
descriptiontextYes
categoryvarcharNo
industryvarcharNo
complianceFrameworkvarcharYes
regexPatterntextNo
regexFlagsvarcharNo
severityvarcharNo
isBuiltInbooleanNo
enabledbooleanNo
cweIdsjsonbNo
sampleMatchesjsonbNo
sampleNonMatchesjsonbNo
falsePositiveHintsjsonbNo
aiGeneratedFromtextYes
createdByuuidYes
createdAtvarcharNo
updatedAtvarcharNo

Cloud Security Tables​

3 entities

Entity Relationships (Mermaid ERD)​

Column Reference​

SbomAssetLink β€” Links SBOM components to specific assets Many-to-many relationship between components and assets, tracking which version is installed and how it was detected.

ColumnTypeNullableNotes
iduuidNoPK
componentIdvarcharNo
assetUuidvarcharNo
installedVersionvarcharYes
detectedByvarcharNo
sbomFormatvarcharYes
firstSeentimestampNo
lastSeentimestampNo
createdAtvarcharNo

sbom_component (SbomComponent)​

SbomComponent β€” Software Bill of Materials component record Represents a single software component (library, framework, OS package) discovered via SBOM import (CycloneDX or SPDX).

ColumnTypeNullableNotes
iduuidNoPK
namevarcharNo
versionvarcharNo
vendorvarcharYes
packageUrlvarcharYes
licensevarcharYes
typevarcharNo
hashvarcharYes
createdAtvarcharNo
updatedAtvarcharNo

sbom_import_log (SbomImportLog)​

SbomImportLog β€” Audit trail for SBOM file imports Records every SBOM import operation including file details, counts of imported components/links, and any errors encountered.

ColumnTypeNullableNotes
iduuidNoPK
filenamevarcharNo
formatvarcharNo
assetUuidvarcharYes
componentsImportedintNo
linkagesCreatedintNo
errorsjsonbYes
importedByvarcharNo
importedAttimestampNo
createdAtvarcharNo

Administration & Auth Tables​

18 entities

Entity Relationships (Mermaid ERD)​

Column Reference​

api_audit_logs (ApiAuditLog)​

ColumnTypeNullableNotes
idintNoPK
timestampvarcharNo
endpointvarcharNo
methodvarcharNo
statusvarcharNo
httpStatusintYes
durationMsintNo
recordsLoadedintNo
chunksProcessedintNo
totalChunksintNo
syncTypevarcharNo
syncIdvarcharYes
errorMessagetextYes
requestParamsjsonbYes
responseMetadatajsonbYes

audit_log (AuditLog)​

ColumnTypeNullableNotes
iduuidNoPK
eventTypevarcharNo
actorIduuidYes
actorRolevarcharYes
actorEmailvarcharYes
targetIdtextYes
targetTypevarcharYes
metadatajsonbYes
ipAddressvarcharYes
userAgenttextYes
isVendorActionbooleanNo
createdAtvarcharNo

ip_blacklist (IpBlacklist)​

ColumnTypeNullableNotes
iduuidNoPK
ipAddressvarcharNo
reasonvarcharNo
failedAttemptsintNo
relatedUserEmailssimple-arrayYes
blockedAttimestampNo
expiresAttimestampYes
isActivebooleanNo
blockedByEmailvarcharYes
unblockedByEmailvarcharYes
unblockedAttimestampYes
createdAtvarcharNo

ip_whitelist (IpWhitelist)​

ColumnTypeNullableNotes
iduuidNoPK
ipAddressvarcharNo
reasonvarcharNo
descriptionvarcharYes
whitelistedAttimestampNo
expiresAttimestampYes
isActivebooleanNo
createdByEmailvarcharNo
removedByEmailvarcharYes
removedAttimestampYes
createdAtvarcharNo

license_config (LicenseConfig)​

Singleton row (id = 'default') that persists the active license key in the database. Priority on startup: 1. This table (set via UI import β€” survives all restarts) 2. LICENSE_KEY env var (bootstrap /

ColumnTypeNullableNotes
idvarcharNoPK
licenseKeytextNo
importedByvarcharYes
deploymentIdvarcharYes
jtivarcharYes
lastSuccessfulCheckintimestampYes
createdAtvarcharNo
updatedAtvarcharNo

license_events (LicenseEvent)​

ColumnTypeNullableNotes
iduuidNoPK
eventTypevarcharNo
licenseJtivarcharYes
licenseStatevarcharYes
daysRemainingintegerYes
metadatajsonbYes
messagetextYes
createdAtvarcharNo

notification_config (NotificationConfig)​

NotificationConfig β€” Global notification system configuration Stores SMTP settings and global notification preferences. Only one row should exist (singleton pattern).

ColumnTypeNullableNotes
iduuidNoPK
smtpHostvarcharYes
smtpPortintNo
smtpUservarcharYes
smtpPassEncryptedtextYes
fromAddressvarcharYes
globalEnabledbooleanNo
rateLimitPerMinuteintNo
createdAtvarcharNo
updatedAtvarcharNo

notification_log (NotificationLog)​

NotificationLog β€” Tracks every notification sent to users Supports in-app and email channels. Used for the notification inbox, read tracking, and delivery audit trail.

ColumnTypeNullableNotes
iduuidNoPK
recipientIdvarcharNo
typevarcharNo
channelvarcharNo
statusvarcharNo
titlevarcharNo
bodytextNo
metadatajsonbYes
createdAtvarcharNo
readAttimestampYes

notification_preference (NotificationPreference)​

NotificationPreference β€” Per-user notification channel preferences Each user can configure how they want to receive each notification type: in_app, email, both, or none.

ColumnTypeNullableNotes
iduuidNoPK
userIdvarcharNo
notificationTypevarcharNo
channelvarcharNo
createdAtvarcharNo
updatedAtvarcharNo

roles (Role)​

ColumnTypeNullableNotes
iduuidNoPK
namevarcharNo
descriptiontextYes
permissionsjsonbNo
isSystembooleanNo
createdAtvarcharNo
updatedAtvarcharNo

Relations:

  • users: OneToMany β†’ User

saved_filters (SavedFilter)​

SavedFilter β€” User-scoped saved filter presets for Explore page Each user can save named filter configurations for both the Vulnerabilities and Assets tabs. Filters can be Quick Filters, Advanced Quer

ColumnTypeNullableNotes
iduuidNoPK
userIduuidNo
namevarcharNo
pagevarcharNo
filterDatajsonbNo
isDefaultbooleanNo
createdAtvarcharNo
updatedAtvarcharNo

security_audit_logs (SecurityAuditLog)​

ColumnTypeNullableNotes
idintNoPK
timestampvarcharNo
eventTypevarcharNo
userIdvarcharYes
userEmailvarcharYes
userRolevarcharYes
ipAddressvarcharYes
userAgentvarcharYes
endpointvarcharYes
methodvarcharYes
successbooleanNo
detailsjsonbYes
severityvarcharNo
authMethodvarcharYes

settings (Settings)​

ColumnTypeNullableNotes
keyvarcharNoPK
valuejsonbNo
descriptionvarcharYes
updatedAtvarcharNo

sso_config (SsoConfig)​

Singleton row (id = 'default') storing Microsoft Entra ID SSO configuration. Only one row exists β€” upserted via the Admin SSO settings page. The clientSecret is AES-256-GCM encrypted at rest; decrypti

ColumnTypeNullableNotes
idvarcharNoPK
tenantIdvarcharYes
clientIdvarcharYes
encryptedClientSecrettextYes
enabledbooleanNo
loginButtonVisiblebooleanNo
autoProvisionbooleanNo
allowedDomainsjsonbNo
enforcedDomainsjsonbNo
defaultRolevarcharNo
roleMappingjsonbNo
createdAtvarcharNo
updatedAtvarcharNo

tenant_entitlements (TenantEntitlement)​

Per-tenant entitlement record in the public schema. Populated on provisioning, updated on plan/status changes from TLM. Used as local fallback when TLM+Redis are unreachable. Resolution chain: Redis c

ColumnTypeNullableNotes
iduuidNoPK
customerIdvarcharNo
customerNamevarcharYes
schemaNamevarcharYes
planvarcharNo
statusvarcharNo
allowedModulesjsonbNo
maxUsersintNo
planLimitsjsonbYes
currentUsersintNo
expiresAttimestampYes
deprovisionedAttimestampYes
deprovisionedByvarcharYes
hardDeleteAftertimestampYes
createdAtvarcharNo
updatedAtvarcharNo

token_blacklist (TokenBlacklist)​

ColumnTypeNullableNotes
idintNoPK
tokenvarcharNo
userIdvarcharYes
reasonvarcharNo
expiresAttimestampNo
createdAtvarcharNo

users (User)​

ColumnTypeNullableNotes
iduuidNoPK
emailvarcharNo
passwordHashvarcharYes
namevarcharNo
rolevarcharYes
statusvarcharNo
failedLoginAttemptsintNo
lockedUntiltimestampYes
lastLoginAttimestampYes
lastLoginIpvarcharYes
twoFactorEnabledbooleanNo
twoFactorSecretvarcharYes
resetPasswordTokenvarcharYes
resetPasswordExpirestimestampYes
isVendorAccountbooleanNo
forcePasswordChangebooleanNo
inviteTokenvarcharYes
inviteTokenExpirestimestampYes
inviteStatusvarcharNo
invitedByvarcharYes
invitedAttimestampYes
ssoProvidervarcharYes
ssoSubjectIdvarcharYes
loginMethodvarcharNo
createdAtvarcharNo
updatedAtvarcharNo

Relations:

  • roleDefinition: ManyToOne β†’ Role

vfp_audit_log (VfpAuditLog)​

VfpAuditLog β€” VFP-specific audit trail Records all significant actions within the VFP module including policy changes, work package lifecycle events, exception approvals, and ticket operations. Stores

ColumnTypeNullableNotes
iduuidNoPK
actionvarcharNo
entityTypevarcharNo
entityIdvarcharYes
actorIdvarcharNo
beforejsonbYes
afterjsonbYes
ipvarcharYes
timestampvarcharNo

Operations & Integrations Tables​

17 entities

Entity Relationships (Mermaid ERD)​

Column Reference​

api_config (ApiConfig)​

ColumnTypeNullableNotes
iduuidNoPK
keyvarcharNo
encryptedValuetextNo
descriptionvarcharYes
createdAtvarcharNo
updatedAtvarcharNo

archived_data (ArchivedData)​

ColumnTypeNullableNotes
idintNoPK
filenamevarcharNo
startDatedateNo
endDatedateNo
statusvarcharNo
sizeBytesbigintNo
recordCountintNo
storagePathvarcharYes
checksumvarcharYes
errorMessagetextYes
createdByvarcharYes
createdAtvarcharNo
restoredAttimestampYes

chunk_progress (ChunkProgress)​

ChunkProgress entity for tracking individual chunk downloads Enables resume capability and detailed progress monitoring

ColumnTypeNullableNotes
iduuidNoPK
syncJobIdvarcharNo
exportUuidvarcharNo
chunkIdintNo
chunkIndexintNo
totalChunksintNo
statusvarcharNo
recordCountintNo
retryCountintNo
maxRetriesintNo
startedAttimestampYes
completedAttimestampYes
durationMsintYes
errorMessagetextYes
lastErrortextYes
createdAtvarcharNo
updatedAtvarcharNo

cleanup_logs (CleanupLog)​

ColumnTypeNullableNotes
iduuidNoPK
jobIdvarcharYes
assetUuidvarcharNo
hostnamevarcharYes
lastSeentimestampNo
reasonvarcharNo
deletedVulnerabilitiesCountintNo
deletedAtvarcharNo

date_exclusions (DateExclusion)​

DateExclusion entity - stores excluded dates for dashboard calculations Enhanced with automated anomaly detection (Phase 3): - Supports both manual exclusions and auto-detected spikes - Tracks baselin

ColumnTypeNullableNotes
datedateNoPK
isExcludedbooleanNo
reasonvarcharYes
excludedByvarcharYes
isAutoDetectedbooleanNo
baselineAvgdecimalYes
baselineStddevdecimalYes
fixedCountintYes
suspectedCausevarcharYes
distinctPluginsAffectedintYes
distinctAssetsAffectedintYes
statusvarcharNo
createdAttimestampNo
updatedAttimestampNo

export_jobs (ExportJob)​

ExportJob entity for tracking async export requests Enables background generation of large exports without blocking the frontend

ColumnTypeNullableNotes
iduuidNoPK
statusvarcharNo
formatvarcharNo
progressintNo
totalRecordsintYes
processedRecordsintYes
filePathvarcharYes
downloadUrlvarcharYes
fileSizebigintYes
expiresAttimestampYes
errorMessagetextYes
requestedByvarcharYes
filterssimple-jsonYes
createdAtvarcharNo
updatedAtvarcharNo
completedAttimestampYes

generated_report (GeneratedReport)​

GeneratedReport β€” A completed report instance with its data Stores the output of a report generation run. The data field contains the full report payload (stats, charts data, tables) as JSONB. Reports

ColumnTypeNullableNotes
iduuidNoPK
templateIdvarcharYes
namevarcharNo
typevarcharNo
parametersjsonbYes
datajsonbNo
formatvarcharNo
statusvarcharNo
generatedByvarcharNo
createdAtvarcharNo

integration_config (IntegrationConfig)​

IntegrationConfig β€” VFP Phase 10 External Integration Settings Stores configuration for external notification integrations (Slack, Teams, Email, PagerDuty, custom). Each integration subscribes to spec

ColumnTypeNullableNotes
iduuidNoPK
typevarcharNo
namevarcharNo
configjsonbNo
eventssimple-jsonNo
isActivebooleanNo
createdByvarcharNo
createdAtvarcharNo
updatedAtvarcharNo

os_category_rules (OsCategoryRule)​

ColumnTypeNullableNotes
iduuidNoPK
valuevarcharNo
labelvarcharNo
osPatternssimple-arrayNo
familyPatternssimple-arrayYes
sortOrderintNo
isActivebooleanNo
createdAtvarcharNo
updatedAtvarcharNo

quarantined_data (QuarantinedData)​

QuarantinedData entity for storing corrupted or invalid data Enables data integrity protection and automated recovery attempts

ColumnTypeNullableNotes
iduuidNoPK
syncJobIdvarcharNo
chunkIdintYes
quarantineReasonvarcharNo
errorDetailstextNo
rawDatajsonbYes
assetUuidvarcharYes
pluginIdintYes
retryCountintNo
maxRetriesintNo
statusvarcharNo
resolutionNotestextYes
resolvedByvarcharYes
quarantinedAtvarcharNo
lastRetryAttimestampYes
resolvedAttimestampYes
updatedAtvarcharNo

report_template (ReportTemplate)​

ReportTemplate β€” Reusable report layout definition Defines the structure and data sources for a report type. Templates can be default (system-provided) or user-created. Each template specifies section

ColumnTypeNullableNotes
iduuidNoPK
namevarcharNo
typevarcharNo
descriptiontextYes
sectionsjsonbNo
isDefaultbooleanNo
createdByvarcharNo
createdAtvarcharNo
updatedAtvarcharNo

scan_target_groups (TargetGroup)​

TargetGroup β€” reusable groups of scan targets. Static groups contain explicit IP/CIDR lists. Dynamic groups use rules (e.g. "all assets with tag=production") to auto-populate targets at scan time. Sep

ColumnTypeNullableNotes
iduuidNoPK
namevarcharNo
descriptiontextYes
typevarcharNo
targetsjsonbNo
dynamicRulesjsonbYes
createdByuuidYes
createdAtvarcharNo
updatedAtvarcharNo

scheduled_report (ScheduledReport)​

ScheduledReport β€” Recurring report generation configuration Stores user-defined schedules for automatic report generation. The report scheduler service checks these on a timer and generates reports +

ColumnTypeNullableNotes
iduuidNoPK
organizationIdvarcharYes
createdByvarcharNo
namevarcharNo
reportTypevarcharNo
formatvarcharNo
frequencyvarcharNo
dayOfWeekintYes
dayOfMonthintYes
hourintNo
parametersjsonbYes
emailEnabledbooleanNo
emailRecipientsjsonbYes
enabledbooleanNo
lastRunAttimestampYes
lastRunStatusvarcharYes
nextRunAttimestampYes
createdAtvarcharNo
updatedAtvarcharNo

sla_escalation (SlaEscalation)​

SlaEscalation β€” SLA tracking for individual work packages Records the SLA due date, breach status, and escalation level for each work package. Used to power SLA dashboards, breach reports, and automat

ColumnTypeNullableNotes
iduuidNoPK
workPackageIdvarcharNo
severityvarcharNo
dueDatetimestampNo
breachedAttimestampYes
escalationLevelintegerNo
escalatedTosimple-jsonYes
notifiedAttimestampYes
createdAtvarcharNo

sla_policy_config (SlaPolicyConfig)​

SlaPolicyConfig β€” SLA policy definitions for vulnerability remediation Defines the maximum number of days allowed to remediate vulnerabilities by severity level. Only one policy can be active at a tim

ColumnTypeNullableNotes
iduuidNoPK
severityCriticalintegerNo
severityHighintegerNo
severityMediumintegerNo
severityLowintegerNo
escalationRulesjsonbYes
isActivebooleanNo
createdByvarcharNo
createdAtvarcharNo
updatedAtvarcharNo

webhook_config (WebhookConfig)​

WebhookConfig β€” VFP Phase 10 Webhook Configuration Stores outbound webhook endpoints that receive event notifications when VFP actions occur (work package changes, exceptions, SLA breaches, etc.). Sup

ColumnTypeNullableNotes
iduuidNoPK
namevarcharNo
urlvarcharNo
secretvarcharYes
eventssimple-jsonNo
isActivebooleanNo
headersjsonbYes
retryCountintegerNo
lastTriggeredAttimestampYes
lastStatusvarcharYes
createdByvarcharNo
createdAtvarcharNo
updatedAtvarcharNo

webhook_delivery_log (WebhookDeliveryLog)​

WebhookDeliveryLog β€” VFP Phase 10 Webhook Delivery Tracking Records every outbound webhook delivery attempt, including the payload sent, response received, retry count, and final status. Used for debu

ColumnTypeNullableNotes
iduuidNoPK
webhookIdvarcharNo
eventvarcharNo
payloadjsonbNo
responseStatusintegerYes
responseBodytextYes
statusvarcharNo
attemptsintegerNo
errortextYes
deliveredAttimestampYes
createdAtvarcharNo

Generated on 2026-04-05T09:31:31.171Z