Performing a Search
- Getting Started
- Search for vulnerable components
- Search Item types, field names and examples
- Search syntax examples:
Getting Started with Advanced Search
You can fine-tune the search query by using a combination of multiple search terms/item types in conjunction with the supported search syntax. Such queries can be used to find specific organizations, applications, components and policies by names, IDs, etc. Advanced Search results do not return policy violations. Use the Violations View on the Dashboard to view policy violations.
Steps to use Advanced Search:
- Go to Advanced Search in the main left navigation bar.
- Click on the Add Search Terms button to start building your query.
- Click on the required search item types and enter the corresponding search value to complete the search criteria.
- Hit Search to view the results.
To perform advanced searches using the REST API, use the Advanced Search REST API.
Advanced Search for components with vulnerabilities
NEW IN RELEASE 136
Selecting any search item type from the Component category will give an option to retrieve:
- All components that match the search criteria or
- Only components that match the search criteria and have security vulnerabilities
Search Item Types, Field Names, and Examples
Refer to the table below for more information on search item types, field names, and corresponding examples to build your search criteria.
| Item Type | Field Name | Example |
|---|---|---|
| ORGANIZATION | organizationId | organizationId:ROOT_ORGANIZATION_ID |
| | organizationName | organizationName:"Root Organization" |
| APPLICATION | applicationId | applicationId:22951997a36045ab8593e3b6aafb9745 |
| | applicationName | applicationName:"My Application Name" |
| | applicationPublicId | applicationPublicId:MyApplicationPublicId |
| APPLICATION_CATEGORY | applicationCategoryId | applicationCategoryId:319cde35ef9749f4ab99a6473ad10b74 |
| | applicationCategoryName | applicationCategoryName:Distributed |
| | applicationCategoryColor | applicationCategoryColor:yellow |
| | applicationCategoryDescription | applicationCategoryDescription:"outside the company" |
| COMPONENT | componentHash | componentHash:f5149f0aaf01daf4bb2f |
| | componentFormat | componentFormat:maven |
| | componentName | componentName:"javax.mail : mailapi : 1.4.2" |
| | componentCoordinateGroupId | componentCoordinateGroupId:commons-fileupload |
| | componentCoordinateArtifactId | componentCoordinateArtifactId:mailapi |
| | componentCoordinateVersion | componentCoordinateVersion:1.2.16 |
| | componentCoordinateClassifier | componentCoordinateClassifier:dist |
| | componentCoordinateExtension | componentCoordinateExtension:jar |
| | componentCoordinateName | componentCoordinateName:"org.webjars bootstrap" |
| | componentCoordinateQualifier | componentCoordinateQualifier:cp37-cp37m-win32 |
| | componentCoordinatePackageId | componentCoordinatePackageId:loadash |
| | componentCoordinateArchitecture | componentCoordinateArchitecture:x86_64 |
| | componentCoordinatePlatform | componentCoordinatePlatform:ruby |
| COMPONENT_LABEL | componentLabelId | componentLabelId:0d3f4015332e4b298ac1ed95c12ff3a3 |
| | componentLabelName | componentLabelName:Architecture-Cleanup |
| | componentLabelColor | componentLabelColor:orange |
| | componentLabelDescription | componentLabelDescription:"relics of a build" |
| POLICY | policyId | policyId:b4ca64a8b8264f03b65127016859b2a2 |
| | policyName | policyName:Component-Unknown |
| | policyThreatCategory | policyThreatCategory:security |
| | policyThreatLevel | policyThreatLevel:10 |
| SECURITY_VULNERABILITY | reportId | reportId:a6860277aa844ab5af8bfef041f7e6e5 |
| | policyEvaluationStage | policyEvaluationStage:Build |
| | vulnerabilityId | vulnerabilityId:CVE-2014-3625 |
| | vulnerabilityStatus | vulnerabilityStatus:Open |
| | vulnerabilitySeverity | vulnerabilitySeverity:7.1 |
| | vulnerabilityDescription | vulnerabilityDescription:"directory traversal" |
| N/A | itemType | itemType:ORGANIZATION |
Search Syntax
Example for single field search
fieldName:value
fetches results where each result has fieldName exactly matching value.
The default search term for a single field search is vulnerabilityId. If no fieldName is specified, then vulnerabilityId is used, and the equivalent search term is considered to be:
vulnerabilityId:value
The boolean operator for single fields is +, meaning each result must satisfy this condition:
+fieldName:value
Example for multiple fields search
fieldName1:value1 AND fieldName2:value2
fetches results where each result has fieldName1 with exactly value1 and has fieldName2 with exactly value2.
Boolean operators for multiple fields are listed below:
- AND or && meaning each result must satisfy both conditions, i.e.
fieldName1:value1 AND fieldName2:value2
fieldName1:value1 && fieldName2:value2
- OR or || meaning each result must satisfy one condition or the other condition, i.e.
fieldName1:value1 OR fieldName2:value2
fieldName1:value1 || fieldName2:value2
- NOT or ! or - meaning each result must not satisfy the condition, i.e.
fieldName1:value1 NOT fieldName2:value2
fieldName1:value1 ! fieldName2:value2
fieldName1:value1 - fieldName2:value2
Boolean operators are case-sensitive.
Default operator: If no boolean operator is specified, then the default boolean operator OR is used. Example:
fieldName1:value1 fieldName2:value2
is equivalent to searching for
fieldName1:value1 OR fieldName2:value2
Example for using Boosting Operator
A boosting operator is used to specify the relevancy order for the search results. You can boost a term within a query to increase its relevance by changing the order in which it appears in the results. Example:
fieldName1:value1^x OR fieldName2:value2
fetches results where each result has fieldName1 with exactly value1 boosted by x or has fieldName2 with exactly value2.
Note that x must be positive, may be fractional, and is by default one.
Example for searching for multiple phrases separated by whitespace
fieldName:"value1 value2"
Using quotes encasing the values fetches results where each fieldName matches the exact phrase "value1 value2". This can be used for fields like descriptions.
Example for search using wildcards * and ?
fieldName:v*
fetches results where each result has fieldName with a value starting with v and following with zero or more of any character.
fieldName:v?
fetches results where each result has fieldName with a value starting with v and following with any single character.
Example for search using regular expressions (regex)
fieldName:/regularExpression/
fetches results where each result has fieldName with a value matching regularExpression.
Example for search using fuzzy expressions
fieldName:value~x
fetches results where each result has fieldName with some value within x edits of value.
Note that the maximum number of edits can range between zero and two, i.e. 0 ≤ x ≤ 2. If no maximum number of edits is specified, then the default maximum number of edits of two is used, i.e.
fieldName:value~
is equivalent to
fieldName:value~2
Example for search using proximity expressions
fieldName:"value1 value2"~x
fetches results where each result has fieldName with value1 and value2 within x words of each other. These kinds of searches are most effective with fields consisting of multiple words, like description fields.
Examples for search based on range
Example 1:
fieldName:[value1 TO value2]
fetches results where each result has fieldName with a value between value1 and value2 inclusive.
Example 2:
fieldName:{value1 TO value2}
fetches results where each result has fieldName with a value between value1 and value2 exclusive.
Examples for search by grouping values
Example 1:
fieldName:((value1 OR value2) AND value3)
fetches results where each result has fieldName with value3 as well as value1 or value2.
Example 2:
(fieldName1:value1 OR (fieldName2:value2 AND fieldName3:value3))
fetches results where each result has either fieldName1 with value1 or fieldName2 with value2 in addition to fieldName3 with value3.
These kinds of searches are most effective with fields consisting of multiple words, like description fields.
Example to escape characters while building the search query
The current list of special characters, delimited by spaces, is:
+ - && || ! ( ) { } [ ] ^ " ~ * ? : \ /
To escape any one of these, use a single backslash \ before it, e.g. to escape + use \+
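When a search value comes from a ticket, a form, or a script argument, an unescaped operator or colon in it changes what the query matches. The following is an added example (not part of the product documentation) that builds query strings using the escaping, phrase-quoting, and explicit-operator rules described above. The function names and the field allow-list subset are assumptions, as is the premise that backslash escapes are also honored inside quoted phrases.

```python
import re

# Special characters from the list above; && and || are matched as pairs so
# each gets the single leading backslash the page prescribes.
_SPECIAL = re.compile(r'(&&|\|\||[+\-!(){}\[\]^"~*?:\\/])')

# Constructed allow-list: a subset of the field names in the table above.
FIELDS = {
    "applicationName", "componentFormat", "componentName",
    "componentCoordinateArtifactId", "vulnerabilityId",
    "vulnerabilitySeverity", "vulnerabilityDescription", "itemType",
}

# Operators are case-sensitive, so only the upper-case words are reserved.
_OPERATORS = {"AND", "OR", "NOT"}


def escape_value(value: str) -> str:
    """Backslash-escape every special character so it is matched literally."""
    return _SPECIAL.sub(r"\\\1", value)


def term(field: str, value: str) -> str:
    """Return one fieldName:value term for an exact, literal match."""
    if field not in FIELDS:
        raise ValueError(f"unknown search field: {field!r}")
    if not value.strip():
        raise ValueError("empty search value")
    escaped = escape_value(value)
    # Whitespace would split the value into separate terms joined by the
    # default OR; a bare operator word would be parsed as an operator.
    if re.search(r"\s", value) or value in _OPERATORS:
        escaped = f'"{escaped}"'
    return f"{field}:{escaped}"


def all_of(*terms: str) -> str:
    """Join terms with an explicit AND instead of relying on the default OR."""
    return " AND ".join(terms)


if __name__ == "__main__":
    # Constructed inputs; the second value tries to smuggle in an extra clause.
    print(all_of(term("componentFormat", "maven"),
                 term("vulnerabilityDescription", "directory traversal")))
    print(term("applicationName", "x OR itemType:ORGANIZATION"))
```

The escaping is conservative: a hyphen inside an identifier such as a CVE number is escaped as well, because - is on the special-character list.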