Above and beyond the configuration possibilities that are available for Tiles, there are additional advanced configuration options as listed below:
- Configure the ability to request access when not able to log in
- Configure log out dialog box
- Configure the display of all Business Criteria or just Health Factors
- Define the number of violations displayed when "Show All" is clicked
- Choose a default language
- Define custom Action Plan priorities
- Configure session timeout interval
- Add a drop down tag filter list
How to configure the options
The options listed above are governed by a .json file located here (this is the same file that is used to configure Tiles (see Engineering Dashboard tile management).
The options are available at the very start of the file in the "configuration" section:
To modify the options, edit the ced.json/ed.json file with a text editor (Notepad or other similar application). CAST recommends creating a copy of the default ced.json/ed.json file that can be used as a replacement if an error occurs during editing.
Viewing the changes in your browser
There is no need to restart the application server or application itself if you edit and save the ced.json file: changes are immediate on saving the file. However, you may find that the changes are not immediately visible in the Engineering Dashboard. This is because the .json file is loaded into the browser's cache, therefore CAST recommends that you empty your browser cache to force the changes to become visible.
If you are using Google Chrome the following tip can be used to automatically empty the browser cache:
- Tap F12 to open the Developer Tools window at the bottom of the page.
- Click the Settings icon (a cog) to the right of the Developer Tools window
- Tick the Disable cache (while DevTools is open) option and close the Settings window.
- In this state, when you then tap F12 followed by F5 to refresh the page, the browser cache will be automatically emptied.
|Choose a default language||defaultLanguage|
By default, the dashboard language is set to English. Other languages will be available in the Change Language drop down list when a locale is added (see Dashboard localization for more information). When the Change Language option is used, the new language is configuration is stored in the local browser cache, therefore, if the cache is emptied, then the language will reset to the default (which is set to English out of the box).
If you would prefer to have a different language as the default for all users, then change this parameter to match the official name of the locale you have added. You need to ensure that the locale exists as described in Dashboard localization).
|Configure the ability to request access when not able to log in||requestAccess|
Used to determine whether a "Can't access" link is displayed on the login screen. By default this is set to "false" and the link is not displayed. Change this value to "true" to enable the link. This link enables a user who is not able to log in (for example because they have forgotten their login credentials or if they have not yet been granted access) to send an email to the dashboard administrator requesting access:
See Lost password and request access configuration for more information about how to modify the template emails that are sent out when a user uses this option.
|Configure log out dialog box||confirmLogout|
When set to true (default position), this option will force a log out warning dialog box to be displayed when a user selects the log out button:
If you would like to deactivate this confirmation message, simply change:
|Configure the display of all Business Criteria or just Health Factors||filterHealthFactor|
When set to true (default position) only Business Criteria that are categorised as Health Measures will be displayed in the dashboard. All other Business Criteria that are NOT Health Factors will not be displayed:
Setting this option to false will force the display of ALL Business Criteria whether they are categorised as Health Factors or not:
|Define the number of violations displayed when "Show More > All" is clicked||violationsCount|
The violationsCount parameter is taken into account when listing violations in various parts of the dashboard. The default value of 5000 is the upper maximum number of violations that can be displayed. If the number of violations exceeds this value then the "All" option (shown below) is deactivated - this is to prevent a performance hit in the dashboard when a large number of violations exist.
Changing the value will change the upper maximum - i.e. if you are experiencing performance issues when you have many violations to list via the "All" button, then you should reduce the default value.
Note that the value must ALWAYS be above 100.
|Defines how long the session timeout will operate||alertTimeoutInterval|
By default the dashboard will listen for GET or POST requests and when none are detected a timeout will occur. When the timeout occurs a dialog box will be displayed - this indicates (in the upper right corner) how many seconds are remaining before a re-login will be required - the default remaining seconds is set to 10. Clicking Continue will return to the session without requiring a login.
To change the remaining seconds, add the following parameter to the file, where xx = the number of seconds:
For example, 30 seconds has been defined:
|Define custom Action Plan priorities||tag|
The "tag" section governs the"priorities" used when adding a violation to the Action Plan (see Engineering Dashboard - Action Plan). By default, when adding a violation to the Action Plan, the following dialog box is displayed:
It enables you to select one of four default "priorities" for the violations (Extreme, High, Moderate, Low). These priorities, the "Select a priority" text "placeholder" and the "tagType" can all be customized, for example:
Note that the "tagType" parameter governs the name of the column displayed in the Action Plan listing the Priority. By default tagType is seto to "Priority".
|Add drop down tag filter list||ruleTag|
Use the ruleTag option to configure a list of tags (custom tags or tags provided by the Quality Standards Mapping extension) that can be displayed in a drop down filter in the Risk Investigation view:
Click to enlarge
Use the following configuration:
For example, the following configuration adds two tags (OWASP and CWE):