Releases: sysdiglabs/secure-inline-scan-examples

sysdig2sarif 0.2

11 Jun 09:11
997c579

What's new

  • Support V1 JSON format (CLI parameter --output=json-file=filename.json)

There are now two Go programs (and two prebuilt binaries): sysdig2sarif for the v1beta format (scanner output produced with --json-scan-result=filename.json) and sysdigv1_to_sarif for the v1 format (scanner output produced with --output=json-file=filename.json).

Scan image using Sysdig CLI scanner:

./sysdig-cli-scanner -a <sysdig-secure-url> <image-to-scan> --output=json-file=scan-result-v1.json

then convert scan-result-v1.json to SARIF:

./sysdigv1_to_sarif scan-result-v1.json sarif-report.json

For further filtering, check sysdigv1_to_sarif -h:

./sysdigv1_to_sarif -h
Usage of ./sysdigv1_to_sarif:
  -exclude-accepted
        Exclude vulnerabilities with accepted risks
  -group-by-package
        Group by package
  -min-severity string
        Minimum severity (e.g., High)
  -not-type string
        Exclude package types (comma-separated)
  -type string
        Package types (comma-separated, e.g., java, javascript)

Example:

./sysdigv1_to_sarif -exclude-accepted -min-severity high -not-type os scan-result.json sarif-report.json

sysdig2sarif

26 May 11:29
65eda31

Scan image using Sysdig CLI scanner:

./sysdig-cli-scanner -a <sysdig-secure-url> <image-to-scan> --json-scan-result=scan-result.json

then convert scan-result.json to SARIF:

./sysdig2sarif scan-result.json sarif-report.json

For further filtering, check sysdig2sarif -h:

./sysdig2sarif -h
Usage of ./sysdig2sarif:
  -exclude-accepted
        Exclude vulnerabilities with accepted risks
  -group-by-package
        Group by package
  -min-severity string
        Minimum severity (e.g., High)
  -not-type string
        Exclude package types (comma-separated)
  -type string
        Package types (comma-separated, e.g., java, javascript)

Example:

./sysdig2sarif -exclude-accepted -min-severity high -not-type os scan-result.json sarif-report.json
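Both release notes above list the same four filters (-exclude-accepted, -min-severity, -type, -not-type) and the same conversion step. The following is an added, self-contained Go example (not code from the sysdig2sarif or sysdigv1_to_sarif programs in this repository) that shows what those filters do and what a minimal SARIF 2.1.0 document built from the surviving findings looks like. The `Vuln` struct and the sample findings are constructed for the example and are an assumption: the real Sysdig v1/v1beta JSON has a different shape, and the vulnerability IDs below are placeholders, not real CVE numbers.

```go
package main

import (
	"encoding/json"
	"fmt"
	"os"
	"strings"
)

// Vuln is a constructed, simplified finding used only by this example.
// It is NOT the Sysdig scanner's v1 or v1beta JSON schema.
type Vuln struct {
	ID          string `json:"id"`           // placeholder IDs, not real CVEs
	Severity    string `json:"severity"`     // Critical, High, Medium, Low, Negligible
	Package     string `json:"package"`
	Version     string `json:"version"`
	PackageType string `json:"packageType"`  // os, java, javascript, ...
	Accepted    bool   `json:"acceptedRisk"` // an accepted-risk exception exists
}

// FilterOptions mirrors the command-line flags listed in the release notes.
type FilterOptions struct {
	ExcludeAccepted bool     // -exclude-accepted
	MinSeverity     string   // -min-severity (empty = no threshold)
	Types           []string // -type (keep only these package types; empty = all)
	NotTypes        []string // -not-type (drop these package types)
}

// severityRank turns "at least High" into a numeric comparison. Unknown
// severity strings rank 0, so an unrecognised -min-severity filters nothing.
var severityRank = map[string]int{"negligible": 1, "low": 2, "medium": 3, "high": 4, "critical": 5}

func rank(s string) int { return severityRank[strings.ToLower(strings.TrimSpace(s))] }

// containsFold reports whether list holds s, ignoring case and surrounding spaces,
// so "-type java, javascript" matches both "java" and "javascript".
func containsFold(list []string, s string) bool {
	for _, v := range list {
		if strings.EqualFold(strings.TrimSpace(v), strings.TrimSpace(s)) {
			return true
		}
	}
	return false
}

// Filter applies the options in the order a reader would expect from the flags.
func Filter(vulns []Vuln, o FilterOptions) []Vuln {
	var out []Vuln
	for _, v := range vulns {
		if o.ExcludeAccepted && v.Accepted {
			continue
		}
		if o.MinSeverity != "" && rank(v.Severity) < rank(o.MinSeverity) {
			continue
		}
		if len(o.Types) > 0 && !containsFold(o.Types, v.PackageType) {
			continue
		}
		if containsFold(o.NotTypes, v.PackageType) {
			continue
		}
		out = append(out, v)
	}
	return out
}

// Minimal SARIF 2.1.0 structures: one run, one rule per vulnerability ID, one result per finding.
type sarifMessage struct{ Text string `json:"text"` }
type sarifRule struct {
	ID               string       `json:"id"`
	ShortDescription sarifMessage `json:"shortDescription"`
}
type sarifResult struct {
	RuleID  string       `json:"ruleId"`
	Level   string       `json:"level"`
	Message sarifMessage `json:"message"`
}
type sarifDriver struct {
	Name  string      `json:"name"`
	Rules []sarifRule `json:"rules"`
}
type sarifTool struct{ Driver sarifDriver `json:"driver"` }
type sarifRun struct {
	Tool    sarifTool     `json:"tool"`
	Results []sarifResult `json:"results"`
}
type sarifLog struct {
	Schema  string     `json:"$schema"`
	Version string     `json:"version"`
	Runs    []sarifRun `json:"runs"`
}

// sarifLevel maps scanner severities onto the three SARIF result levels.
func sarifLevel(sev string) string {
	switch strings.ToLower(sev) {
	case "critical", "high":
		return "error"
	case "medium":
		return "warning"
	default:
		return "note"
	}
}

// ToSARIF renders the filtered findings as a SARIF 2.1.0 document.
func ToSARIF(vulns []Vuln) ([]byte, error) {
	seen := map[string]bool{}
	run := sarifRun{Tool: sarifTool{Driver: sarifDriver{Name: "example-image-scanner"}}}
	run.Results = []sarifResult{} // keep "results": [] rather than null when empty
	for _, v := range vulns {
		if !seen[v.ID] {
			seen[v.ID] = true
			run.Tool.Driver.Rules = append(run.Tool.Driver.Rules, sarifRule{ID: v.ID, ShortDescription: sarifMessage{Text: v.ID}})
		}
		run.Results = append(run.Results, sarifResult{
			RuleID:  v.ID,
			Level:   sarifLevel(v.Severity),
			Message: sarifMessage{Text: fmt.Sprintf("%s in %s %s (%s, %s)", v.ID, v.Package, v.Version, v.PackageType, v.Severity)},
		})
	}
	doc := sarifLog{Schema: "https://json.schemastore.org/sarif-2.1.0.json", Version: "2.1.0", Runs: []sarifRun{run}}
	return json.MarshalIndent(doc, "", "  ")
}

// SampleVulns is constructed input standing in for a parsed scan result.
func SampleVulns() []Vuln {
	return []Vuln{
		{ID: "VULN-0001", Severity: "Critical", Package: "openssl", Version: "1.1.1", PackageType: "os"},
		{ID: "VULN-0002", Severity: "High", Package: "log4j-core", Version: "2.14.1", PackageType: "java"},
		{ID: "VULN-0003", Severity: "High", Package: "lodash", Version: "4.17.20", PackageType: "javascript", Accepted: true},
		{ID: "VULN-0004", Severity: "Medium", Package: "express", Version: "4.17.1", PackageType: "javascript"},
		{ID: "VULN-0005", Severity: "Critical", Package: "jackson-databind", Version: "2.9.8", PackageType: "java"},
	}
}

func main() {
	// Same selection as the release notes' example: -exclude-accepted -min-severity high -not-type os
	kept := Filter(SampleVulns(), FilterOptions{ExcludeAccepted: true, MinSeverity: "high", NotTypes: []string{"os"}})
	out, err := ToSARIF(kept)
	if err != nil {
		fmt.Fprintln(os.Stderr, err)
		os.Exit(1)
	}
	fmt.Println(string(out))
}
```

With the sample input, the flag combination from the release notes' example keeps only VULN-0002 and VULN-0005: the OS package is dropped by -not-type, the accepted-risk finding by -exclude-accepted, and the Medium finding by -min-severity. Note that -exclude-accepted hides findings with an accepted risk from the SARIF report entirely, so a code-scanning view built from it will not show those exceptions; keep the unfiltered scan result if you need an audit trail of what was accepted.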