On this Page:
- Overview of Repository Results
- How to Filter Repository Results
- Re-evaluate a Repository
- View Component Details
Repository Results contain detailed results of policy evaluation for all components in a specific repository. It offers a component-level drill-down view of violations found during policy evaluations, in the selected repository.
For each component in the Repository Results, you can review:
- All policy violations.
- Detailed component information including match state, identification source, component coordinates and recommended versions for remediation.
The summary section at the top of the Repository Results view (see above) shows:
- Count of components that were identified in the selected repository.
- Percentage of components that are identified.
- Count of policy violations displayed by threat level.
- Count of components affected by policy violations.
- Count of quarantined components.
Below the summary section is a list of policy violations and the components that violated those policies. By default, this information is ordered by the highest policy threat level.
You can refine the list using one of the following filter categories:
Filtering Repository Results
You can use a combination of filtering options, to find a specific violation or component in the Repository Results.
Component Match State
- All - Every component in the selected repository.
- Exact - Components in the selected repository that have an exact match to a component known to IQ Server.
- Unknown - Components in the selected repository that have no exact match in IQ Server and cannot be identified.
- all/none: Select all options appearing under the "Violations" category in the filter.
- Not Violating: Display all components that have no violations.
- Open: Display all policy violations that are not waived.
- Quarantined: Display all policy violations that cause a component to be quarantined.
- Waived: Display all policy violations that are waived.
Waived components are indicated as shown in the above screenshot. To waive more components, click on the component to access the corresponding component details page. Click on the Policy Violations tab (or Legal or Security tabs, depending upon the type of violation) and follow the steps to create a waiver.
Waivers are applied the next time policies are evaluated for the affected components.
You can update the evaluation results by clicking the Re-evaluate Repository button in the upper right corner. The time to complete re-evaluation depends on the size of the repository.
During re-evaluation, components that do not have policy evaluations with Fail action for the Proxy stage are released from quarantine.
A component can be removed from quarantine by resolving the violations that caused the quarantine and then releasing the component from quarantine.
View Component Details
Click on an individual component on the Repository Results page to view the Component Details Page. Refer Components Details Page.