Accessing the Report

Access the Application Composition Report from either the Reports Area, the Organizations and Applications area, or via direct urls.

Reports Area

Log into the IQ Server and click the Reporting icon . If multiple applications have been scanned, you will see all of them here.

You will need to be a member of at least the developer group for the application you wish to see a report for.

The Reporting screen shows several columns:

Application NameLinks to the Application Management Area for the specific application.
ContactThe contact (if applicable) for the corresponding application.
OrganizationLinks to the parent organization for the corresponding application.
Build, Stage Release, and Release ViolationsThese three columns display the violation counts for the most recent evaluations. The counts are broken down by Critical, Severe, and Moderate with text indicating the time (e.g. 2 minutes ago) of the most recent evaluation. Clicking on a violation count opens the Application Composition Report for that stage.

To access the Application Composition Report, click the violation count for the corresponding application and stage (build, stage release, or release).

By default this view will be sorted alphabetically by the application name. In addition to the filter, you can also click on the application or organization columns to sort alphabetically ascending/descending.


Via the Organization & Policies Area

Select Organization & Policies  from the toolbar and select an application. You can access an Application Composition Report for a selected application from the Actions menu as shown in the figure below. The most recent report is available for the different stage(s) at which the application has been evaluated:

If you use the Nexus IQ CLI and don’t specify a stage, it will default to Build. When your evaluation completes and the report is uploaded, it is accessible using the View build report action on the Actions menu.

Reports can also be accessed via enforcement point tools for CI and the repository manager. However, in each of the tools, they will connect to the IQ Server.

Via Direct URLs

Alternatively, the report —or its variations— may also be accessed using any of the following URLs.

NameURLDescription
Report{baseUrl}/ui/links/application/{appPublicId}/report/{scanId}Link to access the Application Composition Report
Embeddable Report{baseUrl}/ui/links/application/{appPublicId}/report/{scanId}/embeddableLink to access the embeddable version of the Application Composition Report.
This report is meant to be embedded within other web pages, and therefore lacks the navigation bar.
PDF{baseUrl}/ui/links/application/{appPublicId}/report/{scanId}/pdfLink to download the PDF version of the report.