QuickStart

Nathan Leach edited this page Dec 18, 2020 · 5 revisions

CxAnalytix Quick Start

CxAnalytix performs read-only operations using the SAST REST APIs to obtain vulnerability data. It is therefore possible to execute CxAnalytix locally (e.g. on your workstation) or on a test system without the need to make any production changes. The requirements to execute a test crawl are:

  • Download the latest release binaries
  • Install the .Net Core runtime
  • Update the configuration with
    • The URL of your SAST system
    • A username and password with access to the SAST portal

Download the Latest Release

You can obtain the latest release binaries from GitHub, where the release builds are published. Unzip the zip package into a directory of your choice.

Install .Net Core Runtime

Installation on Windows

It is possible to download the installer for the .Net Core runtime, or use the Chocolatey package manager to perform the install:

choco install dotnetcore-runtime

Note: you may need to reboot after the install.

Installation on Linux

Microsoft provides detailed documentation explaining how to install the .Net Core runtime on various Linux platforms. If you are not planning on doing any development with the CxAnalytix code, installing the SDK is not required.

Configure the CxAnalytix CLI

Configuration is required before execution. At a minimum, replace the default values for your:

  1. Checkmarx URL, including protocol e.g. http://localhost
  2. username
  3. password

Configure your environment settings in dotnet.exe.config.

See the configuration guide for in-depth configuration documentation.

Run the CLI

The CLI will extract vulnerability data from all scans in your Checkmarx instance. While this is a read-only operation, it does consume some resources on the server as the scans are crawled. Performing the first crawl on a production system could cause performance degradation in some cases. It is better to avoid doing this in production without testing first. If you have no system other than a production system, use a single thread to perform scan crawls.

Execute the CLI to perform a crawl with the following command:

dotnet CxAnalytixCLI.dll

View the Log Output

With a default configuration, the application log and the vulnerability data files (which are "just" log files) are located in the .\logs directory.

Check the State Files

The last export date for each project is tracked in a state file on the file system. With a default configuration, the state file is located at .\CxAnalytixExportState.json.

If you run the CLI again it will only look for scans since the last check date for each project recorded in the state file. If the state file is deleted, running the CLI again will perform the entire crawl.