Skip to main content

results

The results command enables the ability to manage results in Checkmarx One.

Usage

./cx results[command] [flags]

Available Commands

Flags

Name

Default

Description

--help, -h

help for the results command

results show

The results show command enables the ability to retrieve scan results in Checkmarx One.

Usage

./cx results show [flags]

Flags

Name

Default

Description

--filter <strings>

  • Filter the list of results.

  • Use the “;” sign as the delimiter for arrays.

  • Available filters are:

    scan-id, limit, offset, sort, include-nodes, node-ids, query, group, severity, state, status

  • Options for severity, state, status:

    • severity - High, Medium, Low, Info (Info is only for SAST scanner)

    • state - TO_VERIFY, NOT_EXPLOITABLE, PROPOSED_NOT_EXPLOITABLE, CONFIRMED, URGENT, IGNORED, NOT_IGNORED

    • status - NEW, RECURRENT, FIXED

--help, -h

help for the results command

--output-name <string>

cx_result

Output file

--output-path <string>

"."

Output Path

--report-format <string>

json

Output format

Available formats are:

summaryHTML, summaryJSON, summaryConsole, sarif, json, sonar

--scan-id <string>

Scan ID

Examples

Retrieving all the scan ID’s

./cx scan list
[email protected]:~/ast-cli$ ./cx scan list

Scan ID                              Project ID                           Status    Created at Tags    Initiator                      Origin                 
-------                              ----------                           ------    ---------- ----    ---------                      ------                 
3c028677-5df7-4bd9-8a10-7214ced45670 683c51da-8644-4e27-990f-1128ab911a1b Completed 09-10-21   []      service-account Github                 
c0507cb4-c68a-4db8-9565-5308d409a931 683c51da-8644-4e27-990f-1128ab911a1b Completed 09-10-21   []      service-account Github                 
5ee3482e-b068-4bc5-9671-1c98098b3062 683c51da-8644-4e27-990f-1128ab911a1b Completed 09-09-21   []      service-account Github                 
ecfa07b2-4d81-42c0-92ce-53762041a8ca ea97e0e1-e8e6-4dfa-b928-db7240ec3304 Completed 09-09-21   []      admin                      Chrome 93.0.4577.63    
91c37ebc-7c10-4e0a-b53f-d41b7e09ee76 27364fe1-9294-4b45-b0b5-f5d86baaf223 Completed 09-07-21   [main:] service-account                        Chrome 93.0.4577.63    
50eb0c6f-d0bf-4cb4-88a2-01fd9aac1e51 9ae9cf0d-d732-48d1-b3e0-41b3042d272c Completed 09-07-21   []      admin                      Firefox 91.0           
6d8bbda9-10b6-42c5-833f-cee4d1c1e064 9ae9cf0d-d732-48d1-b3e0-41b3042d272c Completed 09-07-21   []      admin                      Firefox 91.0           
dfa2f175-cb04-46c9-97dd-e3965f3d3868 68040961-b067-4cd9-828c-1dd7f3631791 Completed 09-05-21   []                                     grpc-java-netty 1.35.0 
4b1f27e7-3bb5-440e-8146-2855ba656bfa e7b1f56b-e8a1-476e-b839-b63a01205677 Completed 09-05-21   []      admin                      Chrome 93.0.4577.58    
3e28145e-b091-4548-ad2b-7ff67fff86d6 09ea1eeb-542b-4b08-8b08-bc8a1700d0d9 Completed 09-05-21   []                                     grpc-java-netty 1.35.0 
07ca50a6-7d97-4dde-9e4b-8c184101d2af 09ea1eeb-542b-4b08-8b08-bc8a1700d0d9 Completed 09-05-21   []                                     grpc-java-netty 1.35.0 
feaeb729-d39f-41cb-ab33-eae9a206548f 9f03b287-d314-40f7-8062-514aeac1ae6d Completed 09-03-21   []      admin                         Chrome 92.0.4515.159   
51600234-3934-4a16-b3f1-ca00f2b91862 6f709d6a-b092-4f07-8fda-f33cc64c11f9 Completed 09-03-21   []      service-account                         Chrome 92.0.4515.159   
1b5390f6-35ab-4c7f-947a-0d08e36bc45b 8be305d4-479a-4d46-a028-a326abdc0d37 Completed 09-03-21   []      service-account                         Chrome 92.0.4515.159   
e6f5845b-fba5-4c3c-86f4-a58926ab8d17 7ff92bc1-5039-4815-a39e-1420d6720866 Completed 09-03-21   []      service-account ASTCLI 2.0.0     
df3ade70-c377-4240-8991-93f8bf350797 7ff92bc1-5039-4815-a39e-1420d6720866 Completed 09-03-21   []      service-account ASTCLI 2.0.0     
34d6d48b-5038-45d1-83fc-a4a7f5a4b066 7d900204-4e90-4bf6-b9bc-1c395eaf1d1f Completed 09-03-21   []      service-account Jenkins 2.0.0    
a9d29697-d153-4868-91fa-7333a1a14683 6ff18862-cc00-4246-b6e7-63f3938ba041 Completed 09-02-21   []      admin                      Chrome 92.0.4515.159   
16755930-39d1-431f-9055-14640f72c0ff 7ff92bc1-5039-4815-a39e-1420d6720866 Completed 09-01-21   []      service-account ASTCLI 2.0.0     
35c2f7c9-651a-4b0b-97a9-7789e3663fa1 7ff92bc1-5039-4815-a39e-1420d6720866 Completed 09-01-21   []      service-account ASTCLI 2.0.0     

Retrieving scan results for a specific scan ID

./cx results show --scan-id <scan ID>
[email protected]:~/ast-cli$ ./cx results show --scan-id 3c028677-5df7-4bd9-8a10-7214ced45670
Creating JSON Report:  cx_result.json

[email protected]:~/ast-cli$ ll
drwxr-xr-x 8 user user     4096 Sep 13 16:51 ./
drwxr-xr-x 8 user user     4096 Jun  9 12:27 ../
drwxr-xr-x 2 user user     4096 Apr 26 16:15 cmd/
-rw-r--r-- 1 user user     2012 May  6 18:43 credentials.json
-rwxr-xr-x 1 user user 11382784 Sep  9 14:43 cx*
-rw-r--r-- 1 user user  2608422 Sep 13 16:51 cx_result.json

Retrieving scan results for a specific scan ID using several flags

./cx results show --scan-id <scan ID> --report-format sarif --output-name <file name> --output-path <output file location>
[email protected]:~/ast-cli$ ./cx results show --scan-id 3c028677-5df7-4bd9-8a10-7214ced45670 --report-format sarif --output-name New_Report --output-path "."
Creating SARIF Report:  New_Report.sarif

[email protected]:~/ast-cli$ ll
total 20240
drwxr-xr-x 8 user user     4096 Sep 13 17:37 ./
drwxr-xr-x 8 user user     4096 Jun  9 12:27 ../
-rw-r--r-- 1 user user  1088910 Sep 13 17:37 New_Report.sarif
drwxr-xr-x 2 user user     4096 Apr 26 16:15 cmd/
-rw-r--r-- 1 user user     2012 May  6 18:43 credentials.json
-rwxr-xr-x 1 user user 11382784 Sep  9 14:43 cx*
-rw-r--r-- 1 user user  2608422 Sep 13 16:51 cx_result.json
-rw-r--r-- 1 user user  1088910 Sep 13 17:04 cx_result.sarif

results codebashing

The results codebashing command enables the ability to retrieve Codebashing link from Checkmarx One.

Usage

./cx results codebashing [flags]

Flags

Name

Default

Description

--help, -h

help for the results command

--cwe-id <string>

CWE ID for the vulnerability

--format <string>

json

Output format

Available formats are:

json, list, json

--language <string>

Language of the vulnerability

--vulnerabity-type <string>

Vulnerability type

Examples