Skip to main content

SBOM Manager Advanced Search View

Use the SBOM Search to understand where components and vulnerabilities exist across your catalog of SBOMs directly from the UI. Export the results to build reports to share anywhere you need them.

Screenshot_2024-04-17_at_5_30_15_PM.png

Advanced Search

The Advanced Search feature allows you to search the configuration and component details from the UI.

This feature is enabled by default and the search index is created automatically. System Administrators may manually recreate a search index from the Advanced Search configuration. This page is accessible from the System Preferences menu. The enabled checkbox needs to be checked before recreating the index. The last indexed time will display once the index has successfully been created.

The Advanced Search does not return policy violations.

Automatic Re-indexing

The Advanced Search automatically re-indexes when changes are made to the data. Automatic indexing only applies to data changes made while the feature is enabled.

Search Performance

Advanced Search feature retrieves results from large data sets. To limit risk to the performance of the server by consuming too much of the service resources, limits to the query results are in place. You will see an error message asking you to narrow down the search when this occurs.

Exporting Advanced Search Results

You may export the results of an advanced search by selecting the Export Results button from the Advanced Search page. The search results are downloaded in a CSV file.

Results may also be exported using the Advanced Search REST API.

123404564.png

Limitations with the Advance Search

The Advance Search does not list all vulnerabilities known to Sonatype. The complete list of vulnerabilities are stored in Sonatype's proprietary Hosted Data Services (HDS) database and is used during the application analysis.

Performing a Search

Fine-tune the search query by combining multiple search terms/item types with the supported search syntax. Such queries are used to find specific organizations, applications, components, and policies by names, IDs, etc.

Steps to use Advanced Search:

  1. Navigate to Advanced Search in the menu bar

  2. Select the Add Search Terms button to build a query and add an item type

  3. Enter the corresponding search value to complete the search criteria

  4. Select Search to view the results

Components with vulnerabilities

Selecting any search item type from the Component category will give an option to retrieve:

  1. All components that match the search criteria

  2. Only components that match the search criteria and have security vulnerabilities

Components from a Specific Organization

You can search for components or vulnerabilities in applications that belong to a specific organization by including the organization name or organization ID in the search query.

The search retrieves components and vulnerabilities from applications directly managed by the organization specified in the search query.

Searching into the organization hierarchy is not supported by the Advanced Search. Including an organization in the search query will not retrieve results for its child organizations.

Reference- search item types and field names

Refer to the tables below for search item types and examples when building a search query.

Table 9. ORGANIZATION

Field Name

Example

organizationId

organizationId:ROOT_ORGANIZATION_ID

organizationName

organizationName:"Root Organization"



Table 10. APPLICATION

Field Name

Example

applicationId

applicationId:22951997a36045ab8593e3b6aafb9745

applicationName

applicationName:"My Application Name"

applicationPublicId

applicationPublicId:MyApplicationPublicId

applicationVersion

applicationVersion:1.0

sbomSpecifications

sbomSpecifications:CycloneDx



Table 11. APPLICATION_CATEGORY

Field Name

Example

applicationCategoryId

applicationCategoryId:319cde35ef9749f4ab99a6473ad10b74

applicationCategoryName

applicationCategoryName:Distributed

applicationCategoryColor

applicationCategoryColor:yellow

applicationCategoryDescription

applicationCategoryDescription:"outside the company"



Table 12. COMPONENT

Field Name

Example

componentHash

componentHash:f5149f0aaf01daf4bb2f

componentFormat

componentFormat:maven

componentName

componentName:"javax.mail : mailapi : 1.4.2"

componentCoordinateGroupId

componentCoordinateGroupId:commons-fileupload

componentCoordinateArtifactId

componentCoordinateArtifactId:mailapi

componentCoordinateVersion

componentCoordinateVersion:1.2.16

componentCoordinateClassifier

componentCoordinateClassifier:dist

componentCoordinateExtension

componentCoordinateExtension:jar

componentCoordinateName

componentCoordinateName:"org.webjars bootstrap"

componentCoordinateQualifier

componentCoordinateQualifier:cp37-cp37m-win32

componentCoordinatePackageId

componentCoordinatePackageId:loadash

componentCoordinateArchitecture

componentCoordinateArchitecture:x86_64

componentCoordinatePlatform

componentCoordinatePlatform:ruby



Table 13. COMPONENT_LABEL

Field Name

Example

componentLabelId

componentLabelId:0d3f4015332e4b298ac1ed95c12ff3a3

componentLabelName

componentLabelName:Architecture-Cleanup

componentLabelColor

componentLabelColor:orange

componentLabelDescription

componentLabelDescription:"relics of a build"



Table 14. POLICY

Field Name

Example

policyId

policyId:b4ca64a8b8264f03b65127016859b2a2

policyName

policyName:Component-Unknown

policyThreatCategory

policyThreatCategory:security

policyThreatLevel

policyThreatLevel:10



Table 15. SECURITY_VULNERABILITY

Field Name

Example

reportId

reportId:a6860277aa844ab5af8bfef041f7e6e5

policyEvaluationStage

policyEvaluationStage:Build

vulnerabilityId

vulnerabilityId:CVE-2014-3625

vulnerabilityStatus

vulnerabilityStatus:Open

vulnerabilitySeverity

vulnerabilitySeverity:7.1

vulnerabilityDescription

vulnerabilityDescription:"directory traversal"