Synopsis

fcli sc-sast scan start [--diagnose] [--no-replace] [--delim=<delimiter>] -f=<file> [--notify=<email>] [--pool=<sensorPoolNameOrUuid>] [--publish-as=<fprFileName>] [--publish-to=<appVersionNameOrId>] [--publish-token=<publishToken>] [--sargs=<scanArguments>] [--scan-timeout=<scanTimeout>] [-v=<sensorVersion>] [[-h] [--env-prefix=<prefix>] [--log-file=<logFile>] [--log-level=<logLevel>] [--log-mask=<level>] [--debug]] [[--ssc-session=<sessionName>]] [[-o=<type+args>] [--style=<style>,…]… [--to-file=<outputFile>]]

Description

Options

--delim=<delimiter>

Change the default delimiter character when using options that accept "application:version" as an argument or parameter.

--diagnose

Request generation of server-side diagnostic logs.

-f, --file=<file>

File containing the payload to be scanned. This must be either an MBS file generated through 'sourceanalyzer -export-build-session', or a package file generated through 'scancentral package'.

--no-replace

If ScanCentral SAST is configured to replace existing scan jobs when jobs are already running for the given application version, this option may be used to override this behavior and keep the existing scan jobs.

--notify=<email>

Email address to which to send a scan completion notification.

--pool, --sensor-pool=<sensorPoolNameOrUuid>

Sensor pool UUID or name.

--publish-as=<fprFileName>

FPR file name to use when publishing the scan results to SSC.

--publish-to=<appVersionNameOrId>

Publish scan results to the given SSC application version once the scan has completed.

--publish-token=<publishToken>

SSC token to be used to publish the scan results to SSC. If not specified, the current SSC session token will be used. Note that publishing may fail if the token expires or is revoked before publishing has completed. It is recommended to either use a pre-generated long-lived token, or, if you authenticated using SSC user name and password, to wait for scan completion before running the 'session logout' command.

--sargs, --scan-args=<scanArguments>

Fortify Static Code Analyzer scan arguments; see the ScanCentral SAST documentation for the scan arguments supported by your ScanCentral SAST version. Multiple scan arguments must be provided as a single option argument. Arguments that contain spaces or that conflict with fcli options, like '-filter', must be embedded in single quotes, and local files must be referenced through the '@' prefix. Note that, contrary to fcli, scan arguments usually start with a single dash, not double dashes. For example:

--sargs "'-quick' '-filter' '@my filters.txt'"

--scan-timeout=<scanTimeout>

Specify scan time-out (in minutes) for this scan job. This overrides the default scan time-out configured on ScanCentral SAST.

-v, --sensor-version=<sensorVersion>

Version of the sensor on which the payload should be scanned. This option is not supported for MBS files, not recommended for package files generated by ScanCentral Client versions 24.2 and above, but required for package files generated by older ScanCentral Client versions, ideally matching the ScanCentral Client version that was used to generate the package file. If needed, this option can be used to override the sensor version that would be selected by default by ScanCentral SAST, but this is not officially supported and may cause unexpected results.

SSC session name options

--ssc-session=<sessionName>

Name of the SSC session to use for executing this command. Default value: default.

-o, --output=<type+args>

Select output type (csv, table, expr, json, xml, yaml) and optional type arguments.

--store=<var>[:<prop>]

Store JSON results in an fcli variable for later reference.

--style=<style>,…

Select output style: header, no-header, pretty, no-pretty, flat, no-flat, array, single, border, no-border, md-border.

--to-file=<outputFile>

Write output to the specified file.

--debug

Enables both fcli trace logging and the --diagnose option.

--env-prefix=<prefix>

Prefix for resolving default option values. Default value: FCLI_DEFAULT.

-h, --help

Use 'fcli [command] -h' to display help for fcli (sub-)commands.

--log-file=<logFile>

Write log output to file. Default: ./fcli.log if logging is enabled.

--log-level=<logLevel>

Set logging level: TRACE, DEBUG, INFO, WARN, ERROR, NONE.

--log-mask=<level>

Log mask level: high, medium, low, none. Default: medium. Masking is done on a best-effort basis; no guarantee that all sensitive data will be masked.
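
The --sargs quoting rules described above can be applied in a wrapper script. The following is an added example, not part of the fcli documentation or code base. The function names build_sargs and start_scan, the DRY_RUN variable, and the sample values package.zip and MyApp:1.0 are assumptions made for illustration. Rejecting arguments that contain a single quote is a choice of this example, since the page describes no escape for one.

```sh
#!/bin/sh
# Added example, not part of fcli. All names below are hypothetical.

# build_sargs ARG...: wrap each scan argument in single quotes and join them
# with spaces, giving the single option argument that --sargs expects.
build_sargs() {
    out=
    for arg in "$@"; do
        case $arg in
            *"'"*)
                # The page gives no escape for an embedded single quote,
                # so this example refuses the argument instead of guessing.
                echo "build_sargs: single quote not allowed in: $arg" >&2
                return 1 ;;
            --*)
                # Scan arguments usually start with one dash, unlike fcli's.
                echo "build_sargs: warning: $arg starts with two dashes" >&2 ;;
        esac
        out="${out:+$out }'$arg'"
    done
    printf '%s\n' "$out"
}

# start_scan FILE APPVERSION [SCANARG...]: run 'fcli sc-sast scan start' and
# publish to APPVERSION. With DRY_RUN=1 the command is printed, not executed.
start_scan() {
    if [ "$#" -lt 2 ]; then
        echo "usage: start_scan FILE APPVERSION [SCANARG...]" >&2
        return 2
    fi
    file=$1 appver=$2
    shift 2
    sargs=$(build_sargs "$@") || return 1
    set -- fcli sc-sast scan start "--file=$file" "--publish-to=$appver"
    if [ -n "$sargs" ]; then
        set -- "$@" "--sargs=$sargs"
    fi
    if [ "${DRY_RUN:-0}" = 1 ]; then
        printf '%s\n' "$*"
    else
        "$@"
    fi
}

# Constructed sample values: package.zip, MyApp:1.0 and the filter file name.
DRY_RUN=1 start_scan package.zip 'MyApp:1.0' -quick -filter '@my filters.txt'
```

The dry-run output joins the arguments with spaces for display only; when executed, the whole quoted scan-argument string reaches fcli as one --sargs value.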