-
Notifications
You must be signed in to change notification settings - Fork 10
Home
Nathan Leach edited this page Sep 8, 2022
·
10 revisions
The contents of this Wiki only apply to CxAnalytix versions prior to 2.0.0. New releases include a PDF manual with complete documentation appropriate for each release version. This Wiki is no longer being maintained as of version 2.0.0.
CxAnalytix, at the current state, is a background process that crawls Checkmarx SAST, SCA (OSA), and Management & Orchestration APIs to obtain data about vulnerabilities. The data is then persisted as a flattened JSON format. Analysis can be performed on the data alone or in aggregate with other sources of data.
CxAnalytix currently supports the following data persistence methods:
- Log files (one JSON message per line; useful for locally consuming the data or forwarding the data to a log aggregation platform like Splunk, ElasticSearch, etc.)
- Writing to a document database that implements the MongoDB API
The application is written using C# .Net Core and is therefore executable on Linux or Windows. Several methods of execution are provided:
- Command Line - A one-shot execution that can be executed on demand.
- Windows Service - A service that can be installed on Windows to automatically start and run in the background when Windows is started.
- Linux Daemon - A Daemon with a systemd service definition to automatically start and run in the background with Linux is started.
If you want to evaluate CxAnalytix, please see the quick start guide.