-
Notifications
You must be signed in to change notification settings - Fork 10
Configure CxAnalytixService
Nathan Leach edited this page Sep 16, 2021
·
4 revisions
An example of the execution configuration element is shown below:
<CxAnalyticsService EnablePseudoTransactions="false" ConcurrentThreads="2" StateDataStoragePath=".\"
ProcessPeriodMinutes="120"
OutputFactoryClassPath="CxAnalytix.Out.Log4NetOutput.LoggerOutFactory, Log4NetOutput"
SASTScanSummaryRecordName="RECORD_SAST_Scan_Summary"
SASTScanDetailRecordName="RECORD_SAST_Scan_Detail"
SCAScanSummaryRecordName="RECORD_SCA_Scan_Summary"
SCAScanDetailRecordName="RECORD_SCA_Scan_Detail"
ProjectInfoRecordName="RECORD_Project_Info"
PolicyViolationsRecordName="RECORD_Policy_Violations"
/>
The configuration of the fields in this elemen varies depending on which output implementation being used.
| Attribute | Description |
|---|---|
| ConcurrentThreads | The number of reports that are processed concurrently. |
| StateDataStoragePath | A path to a folder where the state data that is persisted between each scan is stored. It is an exceptionally good idea to periodically back up the state data file. The state data file is used to store the scans to crawl on each execution; the initial execution crawls ALL scans and creates the state data file named CxAnalytixExportState.json. The file can be deleted to force a full scan crawl. |
| ProcessPeriodMinutes | (Ignored by the CxAnalytixCLI) The number of minutes between performing crawls for new scan results. |
| InstanceId | (Optional) A static value added to each data record to indicate the SAST instance from which the record originated. |
| EnablePseudoTransactions |
(Optional) Defaults to false. Set to true to enable Pseudo Transactions. |
Modify the remaining attributes based on your chosen output method.
| Attribute | Description |
|---|---|
| OutputFactoryClassPath | Must be CxAnalytix.Out.Log4NetOutput.LoggerOutFactory, Log4NetOutput otherwise the output component will not load properly. |
| SASTScanSummaryRecordName | The value matches the name attribute of the <logger> element in the Log4Net configuration that will log SAST Scan Summary records. |
| SASTScanDetailRecordName | The value matches the name attribute of the <logger> element in the Log4Net configuration that will log SAST Scan Detail records. |
| SCAScanSummaryRecordName | The value matches the name attribute of the <logger> element in the Log4Net configuration that will log OSA Scan Summary records. |
| SCAScanDetailRecordName | The value matches the name attribute of the <logger> element in the Log4Net configuration that will log OSA Scan Detail records. |
| ProjectInfoRecordName | The value matches the name attribute of the <logger> element in the Log4Net configuration that will log Project Info records. |
| PolicyViolationsRecordName | The value matches the name attribute of the <logger> element in the Log4Net configuration that will log Policy Violation records. |
| Attribute | Description |
|---|---|
| OutputFactoryClassPath | Must be CxAnalytix.Out.MongoDBOutput.MongoDBOutFactory, MongoDBOutput otherwise the output component will not load properly. |
| SASTScanSummaryRecordName | Set to the name of the collection where SAST Scan Summary records will be written. |
| SASTScanDetailRecordName | Set to the name of the collection where SAST Scan Detail records will be written. |
| SCAScanSummaryRecordName | Set to the name of the collection where OSA Scan Summary records will be written. |
| SCAScanDetailRecordName | Set to the name of the collection where SAST Scan Detail records will be written. |
| ProjectInfoRecordName | Set to the name of the collection where Project Info records will be written. |
| PolicyViolationsRecordName | Set to the name of the collection where Policy Violation records will be written. |
| Attribute | Description |
|---|---|
| OutputFactoryClassPath | Must be CxAnalytix.Out.AMQPOutput.AMQPOutFactory, AMQPOutput otherwise the output component will not load properly. |
| SASTScanSummaryRecordName | The value of the message Type attribute and default routing key for this record type. Also used to configure record-specific options in the AMQPConfig element. |
| SASTScanDetailRecordName | The value of the message Type attribute and default routing key for this record type. Also used to configure record-specific options in the AMQPConfig element. |
| SCAScanSummaryRecordName | The value of the message Type attribute and default routing key for this record type. Also used to configure record-specific options in the AMQPConfig element. |
| SCAScanDetailRecordName | The value of the message Type attribute and default routing key for this record type. Also used to configure record-specific options in the AMQPConfig element. |
| ProjectInfoRecordName | The value of the message Type attribute and default routing key for this record type. Also used to configure record-specific options in the AMQPConfig element. |
| PolicyViolationsRecordName | The value of the message Type attribute and default routing key for this record type. Also used to configure record-specific options in the AMQPConfig element. |
Configuration values provided for this section can embed a reference to an environment variable by delimiting the name of the variable with %. While this is typically a construct used on Windows, this applies to all platforms. Example:
<CxAnalyticsService ConcurrentThreads="2" StateDataStoragePath="%STATE_PATH%"
ProcessPeriodMinutes="120"
OutputFactoryClassPath="CxAnalytics.Out.Log4NetOutput.LoggerOutFactory, Log4NetOutput"
SASTScanSummaryRecordName="RECORD_SAST_Scan_Summary"
SASTScanDetailRecordName="RECORD_SAST_Scan_Detail"
SCAScanSummaryRecordName="RECORD_SCA_Scan_Summary"
SCAScanDetailRecordName="RECORD_SCA_Scan_Detail"
ProjectInfoRecordName="RECORD_Project_Info"
PolicyViolationsRecordName="RECORD_Policy_Violations"
/>