This application scans Fortify SCA log files and provides both a summary and a detailed report.
This document describes how to analyze the Prevoty Results log file, using the tool ScanLog.jar.
- Get a copy of the tool ScanLog.jar from the Prevoty Customer Success Portal
- Copy ScanLog.jar onto the server running Prevoty
- Get a copy of the Prevoty JVM arguments from the same server
- Get the value for -Dprevoty_log_config. E.g.: /opt/Apache/Tomcat-8.5.5/Prevoty/prevoty_logging.json
- Open the aforementioned file with your favorite text editor
- Get the value for default_log_directory. E.g.: /opt/Apache/Tomcat-8.5.5/
- For the appender ResultJSON get the value for file_path. E.g.: prevoty_json.log
- Combine the value for default_log_directory and file_path from the previous steps. E.g.: /opt/Apache/Tomcat-8.5.5/prevoty_json.log
- This is "the path" to the Prevoty Results log file we will use throughout the rest of the document
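
The lookup steps above can be scripted. The following is an added example, not part of ScanLog.jar or of Prevoty's own tooling. The function names are hypothetical, and because the layout of prevoty_logging.json is not shown here, the code assumes only the key names mentioned above and searches the whole document for them.

```python
import json
import os
import re
import sys


def log_config_from_jvm_args(jvm_args):
    """Return the value of -Dprevoty_log_config from a JVM argument string."""
    m = re.search(r'-Dprevoty_log_config=("[^"]+"|\S+)', jvm_args)
    if not m:
        raise ValueError("-Dprevoty_log_config not found in JVM arguments")
    return m.group(1).strip('"')


def _walk(node):
    """Yield every JSON object (dict) nested anywhere inside node."""
    if isinstance(node, dict):
        yield node
        for value in node.values():
            yield from _walk(value)
    elif isinstance(node, list):
        for value in node:
            yield from _walk(value)


def results_log_path(config):
    """Combine default_log_directory with the ResultJSON appender's file_path."""
    base = next((d["default_log_directory"] for d in _walk(config)
                 if "default_log_directory" in d), None)
    file_path = None
    for d in _walk(config):
        keyed = d.get("ResultJSON")
        if isinstance(keyed, dict):        # assumed form: {"ResultJSON": {...}}
            cand = keyed
        elif "ResultJSON" in d.values():   # assumed form: {"name": "ResultJSON", ...}
            cand = d
        else:
            continue
        if isinstance(cand.get("file_path"), str):
            file_path = cand["file_path"]
            break
    if base is None or file_path is None:
        raise KeyError("default_log_directory or ResultJSON file_path missing")
    return os.path.join(base, file_path)   # an absolute file_path is kept as-is


if __name__ == "__main__":
    # Usage: python resolve_log.py "<JVM arguments copied from the server>"
    cfg_path = log_config_from_jvm_args(sys.argv[1])
    with open(cfg_path, encoding="utf-8") as fh:
        print(results_log_path(json.load(fh)))
```

The printed path is the one to pass to ScanLog.jar as its first argument.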
ScanLog.jar supports the following command line arguments:
- -s (for summary)
  - Provides a summary of all security, statistics, and dependency events in the Prevoty Results log file.
- -a (for analyze)
  - Provides a detailed analysis of the Prevoty Results log file
- -o (for optimize)
  - Provides the possible whitelists for Path Traversal (PT), Command Injection (CMDi), Cross-site Request Forgery (CSRF), Cross-site Scripting (XSS), etc.
- -t (for text)
  - Converts the Prevoty Results log file to text format
- -h (for HTML)
  - Converts the Prevoty Results log file to HTML format
- -q (for SQL)
  - Converts the Prevoty Results log file to a MySQL script, which can be used to load a MySQL database with the Prevoty results for further investigation
- Log on to the server running Prevoty
- Open a terminal
- Go into the directory where you have copied ScanLog.jar
- E.g.: cd /tmp
- Execute ScanLog.jar with the path and one of the aforementioned parameters. E.g.:
- To get a summary: java -jar ./ScanLog.jar /opt/Apache/Tomcat-8.5.5/logs/prevoty_json.log -s
- To get the analysis: java -jar ./ScanLog.jar /opt/Apache/Tomcat-8.5.5/logs/prevoty_json.log -a
- To get the optimization: java -jar ./ScanLog.jar /opt/Apache/Tomcat-8.5.5/logs/prevoty_json.log -o
- To convert it to text format: java -jar ./ScanLog.jar /opt/Apache/Tomcat-8.5.5/logs/prevoty_json.log -t
- To convert it to HTML format: java -jar ./ScanLog.jar /opt/Apache/Tomcat-8.5.5/logs/prevoty_json.log -h
- To generate the MySQL script: java -jar ./ScanLog.jar /opt/Apache/Tomcat-8.5.5/logs/prevoty_json.log -q
- Executing ScanLog.jar without any parameters will show you the help screen. E.g.:
```
ScanLog, Scan Prevoty Results Log file.
Version: 3.1.1 - Sat Sep 29, 2018 - PWR Created

Usage: java -jar ScanLog.jar <Prevoty Results Log file path> <action>
Example: java -jar ScanLog.jar /opt/Prevoty/prevoty_json.log -s

Action:
  -s Summary (default)
  -a Analyze
  -h Convert to HTML format output
  -t Convert to text format output
  -q Convert to SQL format output
  -o Optimize for Prevoty Application Configuration file

Notes:
  - It is expected the Prevoty Results Log file is readable.
  - Written by PWR on his own accord; Prevoty cannot be held liable for any errors, mistakes, omissions, etc.
  - USE AT YOUR OWN RISK!
```
- ScanLog.jar sends its output to the screen. To send it to a text file, redirect the output with the greater-than sign (>). E.g.:
- To get a summary: java -jar ./ScanLog.jar /opt/Apache/Tomcat-8.5.5/logs/prevoty_json.log -s > ./prevoty_json-summary.txt
- To get the analysis: java -jar ./ScanLog.jar /opt/Apache/Tomcat-8.5.5/logs/prevoty_json.log -a > ./prevoty_json-analysis.txt
- To get the optimization: java -jar ./ScanLog.jar /opt/Apache/Tomcat-8.5.5/logs/prevoty_json.log -o > ./prevoty_json-optimize.txt
- To convert it to text format: java -jar ./ScanLog.jar /opt/Apache/Tomcat-8.5.5/logs/prevoty_json.log -t > ./prevoty_json.txt
- To convert it to HTML format: java -jar ./ScanLog.jar /opt/Apache/Tomcat-8.5.5/logs/prevoty_json.log -h > ./prevoty_json.html
- To generate the MySQL script: java -jar ./ScanLog.jar /opt/Apache/Tomcat-8.5.5/logs/prevoty_json.log -q > ./prevoty_json.sql