-
Notifications
You must be signed in to change notification settings - Fork 10
SPEC
Nathan Leach edited this page Aug 27, 2021
·
7 revisions
The record definitions are showing the possible fields provided in a data record. Some fields may be omitted if they are not provided by the source data. (e.g. OSA records or OSA related fields would not be included in a record output if a project was not being scanned using OSA.)
- CxVersion
- DeepLink
- EngineFinished
- EngineStart
- FailedLinesOfCode
- FileCount
- High
- Information
- Initiator
- InstanceId (Only included if an instance id is configured)
- Languages
- LinesOfCode
- Low
- Medium
- PoliciesViolated (Requires M&O to be running and policies assigned to have any meansing)
- PolicyViolations (Requires M&O to be running and policies assigned to have any meansing)
- Preset
- ProjectId
- ProjectName
- ReportCreationTime
- RulesViolated
- ScanComments
- ScanFinished
- ScanId
- ScanProcessingEngine (as of v1.3.1)
- ScanProduct
- ScanRisk
- ScanRiskSeverity
- ScanStart
- ScanTime
- ScanType
- SourceOrigin
- TeamName
- FalsePositive
- FirstDetectionDate (as of v1.3.1)
- InstanceId (Only included if an instance id is configured)
- NodeCodeSnippet
- NodeColumn
- NodeFileName
- NodeId
- NodeLength
- NodeLine
- NodeName
- NodeType
- PathId
- ProjectId
- ProjectName
- QueryCategories
- QueryCweId
- QueryGroup
- QueryId
- QueryLanguage
- QueryName
- QuerySeverity
- QueryVersionCode
- Remark
- ResultDeepLink
- ResultId
- ResultSeverity
- ScanFinished
- ScanId
- ScanProduct
- ScanType
- SimilarityId
- SinkColumn
- SinkFileName
- SinkLine
- State
- Status
- TeamName
- VulnerabilityId
- HighVulnerabilityLibraries
- InstanceId (Only included if an instance id is configured)
- LegalHigh
- LegalLow
- LegalMedium
- LowVulnerabilityLibraries
- MediumVulnerabilityLibraries
- NonVulnerableLibraries
- PoliciesViolated
- PolicyViolations
- ProjectId
- ProjectName
- RulesViolated
- ScanFinished
- ScanId
- ScanStart
- TeamName
- TotalHighVulnerabilities
- TotalLibraries
- TotalLowVulnerabilities
- TotalMediumVulnerabilities
- VulnerabilityScore
- VulnerableAndOutdated
- VulnerableAndUpdated
- CVEDescription
- CVEName
- CVEPubDate
- CVEScore
- CVEUrl
- InstanceId (Only included if an instance id is configured)
- LibraryId
- LibraryLatestReleaseDate
- LibraryLatestVersion
- LibraryLegalRisk_{License & Version} (Field name is dynamically generated)
- LibraryLicenses
- LibraryName
- LibraryReleaseDate
- LibraryVersion
- ProjectId
- ProjectName
- Recommendation
- ScanFinished
- ScanId
- ScanRiskSeverity
- SimilarityId
- State
- TeamName
- VulnerabilityId
- CustomFields (Only included if custom fields are defined for the project. Structure is dynamically generated using custom field name/value elements.)
- InstanceId (Only included if an instance id is configured)
- LastCrawlDate (versions >= 1.2.2)
- Policies (M&O is required to support policy assignment)
- Preset
- ProjectId
- ProjectName
- SAST_LastScanDate
- SAST_Scans
- SCA_LastScanDate (omitted if OSA is not used)
- SCA_Scans (omitted if OSA is not used)
- TeamName
This record requires M&O to be installed and policies assigned to projects prior to scans. Scans performed without a policy assigned will not have a policy violation record.
- FirstViolationDetectionDate
- InstanceId (Only included if an instance id is configured)
- PolicyId
- PolicyName
- ProjectId
- ProjectName
- RuleCreateDate
- RuleDescription
- RuleId
- RuleName
- RuleType
- ScanId
- ScanProduct
- ScanType
- TeamName
- ViolationId (versions >= 1.2.2)
- ViolationName
- ViolationOccurredDate
- ViolationRiskScore
- ViolationSeverity
- ViolationState
- ViolationStatus
This record is only populated on versions 9.x+
- Details
- Id
- OriginIpAddress
- TimeStamp
- Type
- UserId
- UserName
This record is deprecated on versions 9.x+
- Action
- EndTime
- EntityId
- EntityType
- Origin
- Remarks
- StartTime
- Success
- UserName
- DataRetentionRequestId
- DeletedScanId
- Id
- InititiatorName
- TimeStamp
- Client
- ErrorMessage
- Event
- Id
- IsSuccessfull
- OwnerId
- TimeStamp
- Event
- Id
- IsSuccessfull
- OwnerId
- OwnerName
- OwnerType
- PresetId
- PresetName
- TimeStamp
- Client
- Event
- Id
- OwnerId
- OwnerName
- ProjectId
- ProjectName
- TimeStamp
- Comments
- CurrentUserName
- Cwe
- CxDescriptionID
- DraftSource
- EngineMetadata
- Event
- Id
- IsCheckOut
- IsCompiled
- IsDeprecated
- IsEncrypted
- IsExecutable
- IsSuccessfull
- Name
- OwnerId
- OwnerName
- OwnerType
- PackageId
- QueryId
- Severity
- Source
- TimeStamp
- UpdateTime
- Version
- Comment
- Event
- Id
- IsSuccessfull
- OwnerId
- OwnerName
- OwnerType
- TimeStamp
- Id
- OwnerId
- OwnerName
- ReportType
- ReportTypeID
- ScanID
- TimeStamp
- Event
- EventInitiatorUserId
- EventInitiatorUserName
- Id
- IsSuccessfull
- ProjectId
- ProjectName
- ScanID
- ScanOwnerName
- ScanRequestId
- TimeStamp
- Client
- Event
- Id
- IsSuccessfull
- OwnerId
- OwnerName
- ProjectId
- ProjectName
- ScanID
- TimeStamp
- UpdateType
- Comment
- Event
- Id
- IsSuccessfull
- OwnerId
- OwnerName
- TimeStamp
- UserId
- UserName