fcli-fod-issue-list(1)

Synopsis

fcli fod issue list [--delim=<delimiter>] [--filters-param=<filtersParam>] --rel=id|app[:ms]:rel [--embed=<embedSuppliers>[, <embedSuppliers>…]]… [-i=<status>[,<status>…]]… [[-h] [--env-prefix=<envPrefix>] [--log-file=<logFile>] [--log-level=<logLevel>]] [[--session=<sessionName>]] ] [--store=_variableName _ ] [--to-file=<outputFile>_]] [-q=<SpEL _ _ expression>]

Description

This command allows for listing FoD vulnerability data for a given release. By default, only visible issues will be returned; the --include option can be used to (also) include suppressed or fixed issues. If any such issues are included, the default table output will show (S) and/or (F) for respectively suppressed and fixed issues.

Optionally, additional details may be included in the output using the --embed option, but please note that this may have a significant impact on performance as this will result in additional HTTP requests to FoD for every individual issue, and FoD rate limits may apply to those requests.

In general, performance of this command is largely dependent on the number of issues being retrieved from FoD. The default table output collects all data in memory until all issues have been processed, so it may take a long time before you see any output, and there’s a small risk of running out of memory. Most other output formats (like json, yaml, or csv) output data immediately after each page of issues has been loaded from FoD, resulting in more immediate output.

Options

--delim=<delimiter>: Change the default delimiter character when using options that accept "application[:microservice]:release" as an argument or parameter.
--embed=<embedSuppliers>[,<embedSuppliers>…]: Embed extra issue data. Due to FoD rate limits, this may significantly affect performance. Allowed values: allData, summary, details, recommendations, history, requestResponse, headers, parameters, traces. Using the --output option, this extra data can be included in the output. Using the --query option, this extra data can be queried upon. To get an understanding of the structure and contents of the embedded data, use the --output json or --output yaml options.
--filters-param=<filtersParam>: Server-side queries are automatically generated from the -q / --query option if possible; generated queries can be viewed in the debug log. The --q-param option can be used to override the automatically generated query, for example to further optimize the request. See the Fortify on Demand REST API documentation for information on supported formats.
-i, --include=<status>[,<status>…]: By default, only visible issues will be returned. This option accepts a comma-separated list to allow (also) fixed and/or suppressed issues to be returned, for example --include visible,fixed (to return both visible and fixed issues) or --include fixed (to return only fixed issues). Allowed values: visible, fixed, suppressed.
-q, --query=<SpEL expression>: Only display records for which the given Spring Expression Language (SpEL) expression returns true.
--rel, --release=id|app[:ms]:rel: Release id or <application>[:<microservice>]:<release> name.

Session options:

--session=<sessionName>: Name of the FoD session to use for executing this command. Default value: default.

Output options:

-o, --output=format[=<options>]: Specify output format and options. Available output formats: csv, csv-plain, json, json-flat, table, table-plain, tree, tree-flat, xml, xml-flat, yaml, yaml-flat, expr, json-properties. The 'expr' output format takes a string containing '{property}' placeholders, other output formats take an optional, comma-separated list of properties to include in the output. Use '-o json-properties' on the current command to see available properties.
--store=variableName[=<propertyNames>]: Store the JSON results of this command in a variable. Variables can be managed through the 'fcli util variable' command, and can be referenced using ::variable::[property] on any subsequent command.
--to-file=<outputFile>: Write command output to the specified file instead of stdout.

Generic fcli options:

--env-prefix=<envPrefix>: Environment variable prefix for resolving default option and parameter values. Default value is FCLI_DEFAULT.
-h, --help: Show this help message and exit. Use 'fcli <command> -h' to display help for subcommands.
--log-file=<logFile>: File where logging data will be written. Defaults to fcli.log in current directory if --log-level is specified.
--log-level=<logLevel>: Set logging level. Note that DEBUG and TRACE levels may result in sensitive data being written to the log file. Allowed values: TRACE, DEBUG, INFO, WARN, ERROR.

FCLI: The Universal Fortify CLI

fcli-fod-issue-list(1) Manual Page

Name