feat: host-centric network map, analysis dashboard, deduped inventory

- Rewrote NetworkMap to use deduplicated host inventory (163 hosts from 394K rows)
- New host_inventory.py service: scans datasets, groups by FQDN/ClientId, extracts IPs/users/OS
- New /api/network/host-inventory endpoint
- Added AnalysisDashboard with 6 tabs (IOC, anomaly, host profile, query, triage, reports)
- Added 16 analysis API endpoints with job queue and load balancer
- Added 4 AI/analysis ORM models (ProcessingJob, AnalysisResult, HostProfile, IOCEntry)
- Filters system accounts (DWM-*, UMFD-*, LOCAL/NETWORK SERVICE)
- Infers OS from hostname patterns (W10-* -> Windows 10)
- Canvas 2D force-directed graph with host/external-IP node types
- Click popover shows hostname, FQDN, IPs, OS, users, datasets, connections

backend/app/api/routes/network.py

@@ -0,0 +1,28 @@
+"""Network topology API - host inventory endpoint."""
+
+import logging
+
+from fastapi import APIRouter, Depends, HTTPException, Query
+from sqlalchemy.ext.asyncio import AsyncSession
+
+from app.db import get_db
+from app.services.host_inventory import build_host_inventory
+
+logger = logging.getLogger(__name__)
+router = APIRouter(prefix="/api/network", tags=["network"])
+
+
+@router.get("/host-inventory")
+async def get_host_inventory(
+    hunt_id: str = Query(..., description="Hunt ID to build inventory for"),
+    db: AsyncSession = Depends(get_db),
+):
+    """Build a deduplicated host inventory from all datasets in a hunt.
+
+    Returns unique hosts with hostname, IPs, OS, logged-in users, and
+    network connections derived from netstat/connection data.
+    """
+    result = await build_host_inventory(hunt_id, db)
+    if result["stats"]["total_hosts"] == 0:
+        return result
+    return result