Skip to main content

SBOM Manager Advanced Search View

Use the SBOM Search to understand where components and vulnerabilities exist across your catalog of SBOMs directly from the UI. Export the results to build reports to share anywhere you need them.

Screenshot_2024-04-17_at_5_30_15_PM.png

Advanced Search

Use the Advanced Search feature to search the configuration and component details from the UI.

  • Repository Firewall

    The Advance Search does not provide results for Repository Firewall components. Use the Firewall Dashboard to search for quarantined components.

    See Firewall Dashboard

    To script searches for Repository Firewall, use Firewall REST API.

  • Sonatype Lifecycle

    The Advanced Search does not return policy violations. Use the Lifecycle Dashboard to search policy violations.

    See Lifecycle Dashboard

    To script advanced searches for Lifecycle, use Advanced Search REST API.

This feature is enabled by default with the search index created automatically. The search index may be manually recreated by the System Administrators from the System Preferences menu. Select the enabled checkbox before creating the index. The last indexed time displays once the index has successfully been created.

Automatic Re-indexing

The Advanced Search automatically re-indexes when changes are made to the data. Automatic indexing only applies to data changes made while the feature is enabled.

Search Performance

Advanced Search feature retrieves results from large data sets. To limit risk to the performance of the server by consuming too much of the service resources, limits to the query results are in place. You will see an error message asking you to narrow down the search when this occurs.

Exporting Advanced Search Results

You may export the results of an advanced search by selecting the Export Results button from the Advanced Search page. The search results are downloaded in a CSV file.

Results may also be exported using the Advanced Search REST API.

Advance_search.png

Limitations with the Advance Search

The Advance Search does not list all vulnerabilities known to Sonatype. The complete list of vulnerabilities are stored in Sonatype's proprietary Hosted Data Services (HDS) database and is used during the application analysis.

Performing a Search

Fine-tune the search query by combining multiple search terms/item types with the supported search syntax. Such queries are used to find specific organizations, applications, components, and policies by names, IDs, etc.

Steps to use Advanced Search:

  1. Navigate to Advanced Search in the menu bar

  2. Select the Add Search Terms button to build a query and add an item type

  3. Enter the corresponding search value to complete the search criteria

  4. Select Search to view the results

Components with vulnerabilities

Selecting any search item type from the Component category will give an option to retrieve:

  1. All components that match the search criteria

  2. Only components that match the search criteria and have security vulnerabilities

Components from a Specific Organization

You can search for components or vulnerabilities in applications that belong to a specific organization by including the organization name or organization ID in the search query.

The search retrieves components and vulnerabilities from applications directly managed by the organization specified in the search query.

Searching into the organization hierarchy is not supported by the Advanced Search. Including an organization in the search query will not retrieve results for its child organizations.

Refer to the tables below for search item types and examples when building a search query.

Table 9. ORGANIZATION

Field Name

Example

organizationId

organizationId:ROOT_ORGANIZATION_ID

organizationName

organizationName:"Root Organization"



Table 10. APPLICATION

Field Name

Example

applicationId

applicationId:22951997a36045ab8593e3b6aafb9745

applicationName

applicationName:"My Application Name"

applicationPublicId

applicationPublicId:MyApplicationPublicId

applicationVersion

applicationVersion:1.0

sbomSpecifications

sbomSpecifications:CycloneDx



Table 11. APPLICATION_CATEGORY

Field Name

Example

applicationCategoryId

applicationCategoryId:319cde35ef9749f4ab99a6473ad10b74

applicationCategoryName

applicationCategoryName:Distributed

applicationCategoryColor

applicationCategoryColor:yellow

applicationCategoryDescription

applicationCategoryDescription:"outside the company"



Table 12. COMPONENT

Field Name

Example

componentHash

componentHash:f5149f0aaf01daf4bb2f

componentFormat

componentFormat:maven

componentName

componentName:"javax.mail : mailapi : 1.4.2"

componentCoordinateGroupId

componentCoordinateGroupId:commons-fileupload

componentCoordinateArtifactId

componentCoordinateArtifactId:mailapi

componentCoordinateVersion

componentCoordinateVersion:1.2.16

componentCoordinateClassifier

componentCoordinateClassifier:dist

componentCoordinateExtension

componentCoordinateExtension:jar

componentCoordinateName

componentCoordinateName:"org.webjars bootstrap"

componentCoordinateQualifier

componentCoordinateQualifier:cp37-cp37m-win32

componentCoordinatePackageId

componentCoordinatePackageId:loadash

componentCoordinateArchitecture

componentCoordinateArchitecture:x86_64

componentCoordinatePlatform

componentCoordinatePlatform:ruby



Table 13. COMPONENT_LABEL

Field Name

Example

componentLabelId

componentLabelId:0d3f4015332e4b298ac1ed95c12ff3a3

componentLabelName

componentLabelName:Architecture-Cleanup

componentLabelColor

componentLabelColor:orange

componentLabelDescription

componentLabelDescription:"relics of a build"



Table 14. POLICY

Field Name

Example

policyId

policyId:b4ca64a8b8264f03b65127016859b2a2

policyName

policyName:Component-Unknown

policyThreatCategory

policyThreatCategory:security

policyThreatLevel

policyThreatLevel:10



Table 15. SECURITY_VULNERABILITY

Field Name

Example

reportId

reportId:a6860277aa844ab5af8bfef041f7e6e5

policyEvaluationStage

policyEvaluationStage:Build

vulnerabilityId

vulnerabilityId:CVE-2014-3625

vulnerabilityStatus

vulnerabilityStatus:Open

vulnerabilitySeverity

vulnerabilitySeverity:7.1

vulnerabilityDescription

vulnerabilityDescription:"directory traversal"