I try to find decision for saving scan results (and later a lot of different information about vulnerabilities, hosts, nets etc). But I try to understand whether graph db is suitable for that? Because I was stuck on current small example:
I have IPs , Ports and Dates. Every day I'm scanning and getting partly new partly the same results. - The real problem (at least for me) that after few days scanning I’ll get few nodes like that. Let:
in Date1 -> was found IP1 -> with Port22
in Date2 -> was found IP1 -> with Port80
(in bold - nodes, in italic - edges)
And now I want to make query about IP1 and his Ports was opened in Date1 . But in response will be both Ports (22 and 80) because in current scheme there aren’t any mentions between Date and Port .
So I try to think up proper scheme that will allow such requests without creating new objects IP1_new and Port_new linked to Date2