Synopsis

fcli sc-sast scan start [--debug] [--no-replace] [--delim=<delimiter>] -f=<file> [--notify=<email>] [--pool=<sensorPoolNameOrUuid>] [--publish-as=<fprFileName>] [--publish-to=<appVersionNameOrId>] [--sargs=<scanArguments>] [--scan-timeout=<scanTimeout>] [-t=<ciToken>] [-v=<sensorVersion>] [[-h] [--env-prefix=<envPrefix>] [--log-file=<logFile>] [--log-level=<logLevel>]] [[--session=<sessionName>]] [[-o=format[=<options>]] [--store=variableName[:<propertyNames>]] [--to-file=<outputFile>]]

Description

Options

--debug

Enable collection of debug (diagnosis) logs for this scan job.

--delim=<delimiter>

Change the default delimiter character when using options that accept "application:version" as an argument or parameter.

-f, --file=<file>

File containing the payload to be scanned. This must be either an MBS file generated through 'sourceanalyzer -export-build-session', or a package file generated through 'scancentral package'.

--no-replace

If ScanCentral SAST is configured to replace existing scan jobs when jobs are already running for the given application version, this option may be used to override this behavior and keep the existing scan jobs.

--notify=<email>

Email address to which to send a scan completion notification.

--pool, --sensor-pool=<sensorPoolNameOrUuid>

Sensor pool UUID or name.

--publish-as=<fprFileName>

FPR file name to use when publishing the scan results to SSC.

--publish-to=<appVersionNameOrId>

Publish scan results to the given SSC application version once the scan has completed.

--sargs, --scan-args=<scanArguments>

Fortify Static Code Analyzer scan arguments; see the ScanCentral SAST documentation for the scan arguments supported by your ScanCentral SAST version. Multiple scan arguments must be provided as a single option argument. Arguments that contain spaces or that conflict with fcli options, like '-filter', must be embedded in single quotes, and local files must be referenced through the '@' prefix. Note that, contrary to fcli options, scan arguments usually start with a single dash, not double dashes. For example:

--sargs "'-quick' '-filter' '@my filters.txt'"

--scan-timeout=<scanTimeout>

Specify scan time-out (in minutes) for this scan job. This overrides the default scan time-out configured on ScanCentral SAST.

-t, --ssc-ci-token=<ciToken>

SSC CI Token used to publish the scan to SSC on scan completion. By default, the current session token will be used.

-v, --sensor-version=<sensorVersion>

Version of the sensor on which the payload should be scanned. This option is not supported for MBS files, not recommended for package files generated by ScanCentral Client versions 24.2 and above, but required for package files generated by older ScanCentral Client versions, ideally matching the ScanCentral Client version that was used to generate the package file. If needed, this option can be used to override the sensor version that would be selected by default by ScanCentral SAST, but this is not officially supported and may cause unexpected results.
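
The --sargs quoting rules above are easy to get wrong in a CI script. The following is an added example, not part of the fcli documentation: a POSIX shell helper that builds the single --sargs option argument by wrapping every scan argument in single quotes, as the documented example does. The 'file:' input prefix, the function names and the variable name 'scan' are assumptions made for this example.

```shell
#!/bin/sh
# Added example, not part of the fcli documentation.

# build_sargs ARG...
# Joins scan arguments into the single value expected by --sargs:
#   - every argument is wrapped in single quotes
#   - an argument given as file:PATH (a convention of this example only)
#     is emitted as '@PATH', the documented local-file reference
#   - an argument containing a single quote is rejected, because the
#     option description gives no escape for it
build_sargs() {
    out=""
    for arg in "$@"; do
        case "$arg" in
            *"'"*)
                echo "build_sargs: single quote not supported in: $arg" >&2
                return 1 ;;
            file:*)
                arg="@${arg#file:}" ;;
        esac
        out="${out:+$out }'$arg'"
    done
    printf '%s\n' "$out"
}

# start_scan PAYLOAD APPVERSION ARG...
# Passes the joined scan arguments to --sargs as ONE option argument.
# -t is omitted so the current session token is used (the documented
# default), which keeps the CI token off the command line.
start_scan() {
    payload=$1 appversion=$2
    shift 2
    sargs=$(build_sargs "$@") || return 1
    fcli sc-sast scan start --file="$payload" --publish-to="$appversion" \
        --sargs "$sargs" --store=scan
}

# Constructed sample input: reproduces the value from the example above.
build_sargs -quick -filter "file:my filters.txt"
```
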

Session options

--session=<sessionName>

Name of the ScanCentral SAST session to use for executing this command. Default value: default.

Output options

-o, --output=format[=<options>]

Specify output format and options. Available output formats: csv, csv-plain, json, json-flat, table, table-plain, tree, tree-flat, xml, xml-flat, yaml, yaml-flat, expr, json-properties. The 'expr' output format takes a string containing '{property}' placeholders, other output formats take an optional, comma-separated list of properties to include in the output. Use '-o json-properties' on the current command to see available properties.

--store=variableName[:<propertyNames>]

Store the JSON results of this command in a variable. Variables can be managed through the 'fcli util variable' command, and can be referenced using ::variable::[property] on any subsequent command.

--to-file=<outputFile>

Write command output to the specified file instead of stdout.

Generic fcli options

--env-prefix=<envPrefix>

Environment variable prefix for resolving default option and parameter values. Default value is FCLI_DEFAULT.

-h, --help

Show this help message and exit. Use 'fcli <command> -h' to display help for subcommands.

--log-file=<logFile>

File where logging data will be written. Defaults to fcli.log in current directory if --log-level is specified.

--log-level=<logLevel>

Set logging level. Note that DEBUG and TRACE levels may result in sensitive data being written to the log file. Allowed values: TRACE, DEBUG, INFO, WARN, ERROR.