Clair Application Analysis
NEW IN RELEASE 77
The Clair coordinate-based matching feature provides the ability to scan and evaluate container dependencies identified by Clair.
For information on how to use Clair, refer to the Clair documentation.
What is Supported
Files named clair-scanner-output.json created by the client Clair scanner (https://github.com/arminc/clair-scanner).
Integrations with Clair analysis support
- CLI from version 77
- Jenkins from version 3.8.20191127-111424.5D61F82
- Bamboo from version 1.14.3
Steps to analyze using the CLI
Create the clair-scanner-output.json file by running the Clair scanner.
For detailed instructions on the Clair scanner, refer to the Clair scanner documentation.
clair-scanner --ip 10.0.1.144 -r clair-scanner-output.json vulnerables/web-dvwa
Example file content
Run a scan
Invoke a CLI scan of the directory containing clair-scanner-output.json. Instructions on how to do this can be found at https://help.sonatype.com/integrations/nexus-iq-cli.
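Because only files named clair-scanner-output.json are supported, a report written under another name, left empty, or filled with an error message would leave the container dependencies out of the evaluation. The following pre-flight check for the scan directory is an added example, not Sonatype or clair-scanner code; the function name check_clair_report, its return codes, and the optional use of jq are assumptions made for illustration.

```shell
#!/usr/bin/env bash
# Added example: verify the Clair report before pointing the IQ CLI at DIR.
REPORT_NAME="clair-scanner-output.json"

# check_clair_report DIR  (function name and return codes are hypothetical)
#   0  DIR/clair-scanner-output.json exists, is non-empty and is a JSON object
#   1  no file with the supported name in DIR (similar names listed on stderr)
#   2  the report exists but is empty
#   3  the report is not a JSON object (e.g. an error message was written to it)
check_clair_report() {
  local dir="${1:-.}" report first
  report="$dir/$REPORT_NAME"

  if [ ! -f "$report" ]; then
    echo "missing: $report" >&2
    # List Clair-looking JSON files saved under a different name.
    find "$dir" -maxdepth 1 -type f -iname '*clair*.json' ! -name "$REPORT_NAME" \
      -exec printf '  other name, not the supported one: %s\n' {} \; >&2
    return 1
  fi

  if [ ! -s "$report" ]; then
    echo "empty: $report" >&2
    return 2
  fi

  if command -v jq >/dev/null 2>&1; then
    # Full parse when jq is installed.
    jq -e 'type == "object"' "$report" >/dev/null 2>&1 ||
      { echo "not a JSON object: $report" >&2; return 3; }
  else
    # Fallback without jq: the first non-whitespace byte must open an object.
    first=$(tr -d '[:space:]' < "$report" | head -c 1)
    [ "$first" = "{" ] ||
      { echo "not a JSON object: $report" >&2; return 3; }
  fi
  return 0
}
```

In a pipeline, call check_clair_report on the scan directory after clair-scanner finishes and fail the job on a non-zero return, so a missing report is caught before the CLI scan runs.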
The output from the CLI