...

Info

Note that when there are many violations to display, a "Show More" button will be available:

By default, only 10 violations are displayed to improve performance. You can choose to display more using the various options (+10, +100 etc.). By default an upper maximum of 5000 violations is set when the "All" option is clicked. You can change the upper maximum if required (see the violationsCount option in Dashboard wide configuration options in json from the CAST AIP documentation).

 


Finally, depending on the item (Rule, Distribution, Measure), you can do as follows:

...

Select an object in the list of violations to view its source code. To focus the investigation, the source code displayed shows either:

...

  • the object in violation
  • or the violation details when available (e.g. bookmarks, paths).
  • Whenever a piece of code is made available, the View File button (seen in the example below) provides the ability to open the entire source code file to get the entire context. The file is opened in a separate browser window. The entire source code is presented plus some context (application name, snapshot reference, file name).

    The Rule name is also highlighted using colour (yellow for a standard Rule (as shown below), and red for critical):

     


    Info

    Please note that in the current release of CAST AIP, the display of source code is limited in functionality:

    • The source code does not currently show all violations for Rules that reference User Input Security elements, such as:
      • The Rule "Avoid direct or indirect remote calls inside a loop"

    ...

    If a "copy/pasted" Rule has been selected (for example Avoid Too Many Copy/Pasted Artifacts), the objects that have a high level of similarity with the selected objects will be listed:

    ...

    This indicates that a "violations index" (on which the feature relies) has not yet been generated. To generate the index the following methods are available:

    Using the "Diagnostic" GUI


    Info

    This method requires that the user has the ADMIN role.

    Use the following URL to access the Diagnostic page:

    http://<server>:<port>/<dashboard>/static/diagnostic.html

    This provides an indication of the violations index status based on the "domain":

    • N/A - the domain is mapped to a Measurement Service schema (or the Dashboard Service schema was installed with CAST AIP < 8.3.3)
    • toCreate - no index has ever been created for this domain
    • toUpdate - an index exists for this domain, but it is outdated because a new snapshot has been computed since the index creation
    • upToDate - an index exists and is up-to-date. When this status is shown, the index for the Advanced Search feature is ready and available.

    In the following example the index has never been generated since the status is set to "toCreate":

    To generate the index, click the Create/Update Index button. During generation the status "Indexing" will be displayed and on completion, the status will change to "upToDate":

    Using the RestAPI


    Info

    This method requires that the user has the ADMIN role.

    Use the RestAPI client:

    http://<server>:<port>/<dashboard>/static/default.html

    Using the following URI with a PUT will generate the index (where <domain> is more than likely set to AED, unless you have custom domains):

    <domain>/violations-index

    Using the same URI with a GET will then show the index status.

    Generating the index when the web application starts

    This method will force the violations index to be generated if its status is toUpdate (i.e. the index exists but is out-of-date because a new snapshot has been computed since the index creation) every time the web application is started, i.e.:

    • When the web application host (e.g. Apache Tomcat) starts up or restarts
    • When the web application is restarted through the Apache Tomcat management console

    Note

    CAST only recommends using this option if your Dashboard Service schema is small - since the index is generated during web application startup, this can impact performance.

    Edit the following file with a text editor:

    %CATALINA_HOME%\webapps\<dashboard>\WEB-INF\web.xml

    Set the following configuration to true:

    <context-param>
    	<param-name>rebuildViolationsSearchIndexesOnStart</param-name>
    	<param-value>true</param-value>
    </context-param>

    Save the file. Next time the web application is started the index will be generated.

    Using a custom batch file


    Info

    This method requires that the user has the ADMIN role.

    This method is to be used when you have a configuration in the domains.properties file - i.e. multiple "domains". The custom batch will generate the violations index for all the domains configured in the domains.properties file.

    Create the following batch files in the %CATALINA_HOME%\webapps\<dashboard>\WEB-INF folder and then run the launch.bat file to start the index generation:

    launch.bat:

    @echo off
    @echo Computing Violations Indexes ...
    
    rem "call" returns control to launch.bat once util.bat has finished
    call util.bat > util.log
    @echo --------------------------------


    util.bat:

    @echo off
    setlocal enableDelayedExpansion
    @echo Automated Violations Indexes Creation
    @echo -------------------------------------
     
    for /F "delims== eol=#" %%D in (domains.properties) do (
    	@echo Process %%D/violations-index
    	start /B titi.bat %%D
    	@echo.
    )

    In the following file (titi.bat), you need to modify the line starting with curl to match your environment:

    • Replace user:pwd with a user that has the ADMIN role and their password.
    • Replace http://localhost:8080/<dashboard>/rest/%domain%/violations-index with the URL to your dashboard.

    titi.bat:

    @echo off
    prompt $_
    setlocal enableDelayedExpansion
    set "domain=%~1"
     
    @echo Start  %domain% !DATE!_!TIME!
    curl -s -u user:pwd -X PUT http://localhost:8080/<dashboard>/rest/%domain%/violations-index
    @echo  is the response from %domain%
    @echo Finish %domain% !DATE!_!TIME!
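
The batch procedure above, written in Python as an added example (not CAST's own code): it reads the domain names from domains.properties the way the for /F loop in util.bat does, rejects names that are not simple identifiers, and sends the PUT with credentials taken from environment variables instead of writing them into the script. The environment variable names, the name pattern and the sample file content are assumptions.

```python
import base64
import os
import re
import urllib.request

# Assumption: domain names are simple identifiers such as AED; others are rejected.
DOMAIN_RE = re.compile(r"[A-Za-z0-9_-]+")
# Constructed sample of a domains.properties file (the values are placeholders).
SAMPLE = "# comment line\nAED=placeholder\n\nAED_CUSTOM=placeholder\n"


def read_domains(text):
    """Return the key of each key=value line, skipping blank lines and # comments."""
    domains = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        name = line.split("=", 1)[0].strip()
        if not DOMAIN_RE.fullmatch(name):
            raise ValueError(f"unexpected domain name: {name!r}")
        domains.append(name)
    return domains


def build_put(base_url, domain, user, password):
    """Build (without sending) the PUT for <domain>/violations-index with Basic auth."""
    url = f"{base_url.rstrip('/')}/rest/{domain}/violations-index"
    token = base64.b64encode(f"{user}:{password}".encode()).decode()
    req = urllib.request.Request(url, method="PUT")
    req.add_header("Authorization", f"Basic {token}")
    return req


def main():
    base = os.environ.get("DASHBOARD_URL")  # hypothetical variable names throughout
    if not base:  # offline: list what would be sent for the constructed sample
        for d in read_domains(SAMPLE):
            print("PUT", build_put("http://localhost:8080/<dashboard>", d, "u", "p").full_url)
        return
    user, pwd = os.environ["DASHBOARD_USER"], os.environ["DASHBOARD_PASSWORD"]
    with open("domains.properties", encoding="utf-8") as fh:
        for domain in read_domains(fh.read()):
            with urllib.request.urlopen(build_put(base, domain, user, pwd)) as resp:
                print(domain, resp.status, resp.read().decode(errors="replace"))


if __name__ == "__main__":
    main()
```
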



    Info
    Note that following the generation of a new snapshot, the violations index status will change to toUpdate, therefore CAST recommends regenerating the index to take into account the data available in the new snapshot.

    ...

    When the feature is accessed and the violations index has been generated, the following will be displayed:

    Left hand panel

    The left hand panel provides a set of filters that can be used to narrow down the search scope. Filters are explained in XXXX.

    Right hand panel

    The right hand panel lists the results of the search. Key points:

    • with no search criteria or filters enabled, all violations available in the currently selected snapshot are shown, as indicated by an on-screen message.
    • a search field is available for you to enter the object name you are searching for. Results will be updated in real time.
    • you can download the results to an Excel file for portability requirements.
    • 20 results are shown. Use the Show More button to display additional results.

    • the results list uses the following columns:

    [icon]

    Option to add/remove the violation from the Action Plan or the Scheduled Exclusion List. Note that to interact with the Action Plan/Scheduled List, your user login must have the QUALITY_MANAGER/EXCLUSION_MANAGER roles. These can be assigned at user level (when using Default Authentication mode) or via user or group (when using Standard LDAP authentication).

    Action / Exclusions

    Indicates whether the violation has been added to the Action Plan or the Scheduled Exclusion List:

    • [icon] Item has been added to the Action Plan.
    • [icon] Item has been added to the Scheduled Exclusion List.

    Object Name Location

    Displays the object name, and in the case of file based objects (as opposed to Database objects), the location on disk of the object.

    Status

    Displays the status of the object in comparison to the previous snapshot - e.g.:

    • Added
    • Updated
    • Deleted
    • Unchanged

    [icon]

    Clicking this icon will take you directly to the object in the Application Investigation view.


    Using filters for the Advanced Search

    The filters available in the left hand panel enable the search scope to be limited. The following filters can be enabled by expanding the section and selecting with a tick:

    Criteria or Rules

    Restrict the scope via a Health Measure, Technical Criterion or Rule (or a combination).

    Displayed results are the union of the selected Criteria results, with duplicate violations omitted. Sorting is disabled on this section.

    Weight

    Restrict the scope via the weight of the rule in its parent Technical Criterion.

    Criticality

    Restrict the scope via the criticality of the rule (Critical or Non Critical).

    Violation Status

    Restrict the scope to the violation status in the current snapshot: Added, Updated, Unchanged.

    Displayed results are the OR of the selected violation statuses, combined with an AND of the values selected in the other filters (e.g. Criteria or Rules, Technologies, Transactions, Critical, Module), with duplicate violations omitted. The violation status remains selected even after navigating to other views and coming back to the Advanced Search.

    Transactions

    Restrict the scope to objects that are classed as transactions.

    Technologies

    Restrict the scope to the technologies that are present in the current snapshot.

    Displayed results are the OR of the selected technologies, combined with an AND of the values selected in the other filters (e.g. Criteria or Rules, Modules, Transactions, Critical, Violation Status), with duplicate violations omitted.

    Modules

    Restrict the scope to a module in the current snapshot.

    Displayed results are the OR of the selected modules, combined with an AND of the values selected in the other filters (e.g. Criteria or Rules, Technologies, Transactions, Critical, Violation Status), with duplicate violations omitted. The module remains selected even after navigating to other views and coming back to the Advanced Search.


    Info

    Note that an indicator will show how many filters have been selected:

    ...