The Analysis Workbench Layout
The following is a view of the Code Insight Analysis Workbench, showing the various areas of the page:
After you click Analysis Workbench, the following information appears in the panes of the page:
|
•
|
Codebase Files—Allows you to browse a tree of the project’s scanned files that you uploaded or synchronized to the Scan Server or that were scanned remotely by a Code Insight scan-agent plugin. |
|
•
|
The project’s codebases scanned by a Scan Server are listed under the Scan Server’s root node, identified by the Scan Server alias and the server host instance in the format <scanServerAlias> on <scanServerHost >. |
|
•
|
The remote codebases scanned by a scan agent are listed under the agent’s root node, identified by a unique alias name for the scan agent and the instance on which the agent is hosted in the format <scanAgentAlias> on <scanAgentHost>. |
|
•
|
File Search Results—Shows the results of file searches. There are several types of file searches that can be performed. Click a file to see the file’s content and evidence in the File Details panel. |
|
•
|
File Details—Shows the actual content of scanned (non-binary) files, including evidence highlighted in color. Here an analyst can research where the code came from to ultimately create an inventory item explaining the scan findings. |
|
•
|
Inventory Items—Displays a quick view of all the inventory identified in the codebase. Click the name of any item listed in the Inventory Items pane to display the inventory details for that item. |
|
•
|
Inventory Details—Shows information about the selected inventory items identified and used by this codebase. |
|
•
|
Evidence Details—Displays evidence that was uncovered by the scan, which is organized and sortable. Click Evidence Details, and the middle pane of the Analysis Workbench displays details about the evidence. To filter the files in the File Search Results to focus attention on a particular finding, select one or more evidence instances (rows) and click Search Files. For more information, see Filtering the Codebase by a One or More Specific Instances of Evidence. |
Note:Currently, open-source and third-party evidence is available only for files scanned by the Scan Server, not for files scanned by a Code Insight scan-agent plugin on a remote system.
|
•
|
Legend—Provides a color key for the various types of evidence and for file-review status referenced in the Analysis Workbench. The Legend is interactive. You can click it to filter what appears in the File Search Results pane. |
Note:Some source files contain indications that they are data files, generated code, or common code that is widely used in many open source projects. In those cases, Code Insight records the fact that source matches exist but does not store all of the source match data. These files are indicated in the Analysis Workbench with an icon (
).