Custom Detection Rule Dialog
The Custom Detection Rule dialog enables you to create a custom detection rule. You can define custom rules as needed to supplement the internal detection rules used by Automated Analysis to automatically create inventory during a scan. The custom detection rules are saved to the Code Insight Data Library for global use across projects. For complete details about custom detection rules, see Managing Custom Detection Rules.
This dialog is accessed from two locations:
| • | From the Inventory Details tab in the Analysis Workbench for an inventory item of the “component” type—whether system-generated or manually created—to which codebase files have been manually associated (as described in Creating a Custom Detection Rule Within Context of an Inventory Item). |
| • | From Custom Detection Rules tab accessed from the Data Library page on the Code Insight main menu (as described in Creating a Custom Detection Rule from Scratch). |
The ability to edit certain fields depends on how you accessed the dialog. To help explain these differences, the following table designates the two access locations as “Inventory Details tab” and “Custom Detection Rules tab”.
The following describes the columns and actions you can perform from the Custom Detection Rule dialog.
|
Category |
Column/Field |
Description |
|||||||||
|
Component selection |
The following fields describe the component on which the custom detection rule is based.
|
||||||||||
|
Component |
The name of the component on which this detection rule is based. If you accessed this dialog from the Custom Detection Rules tab, click Lookup Component to select the component and its version, license, and forge URL. The License and URL fields are populated accordingly. If you accessed this dialog from the Inventory Details tab, this field is not editable. |
||||||||||
|
License |
The license associated with the component.
|
||||||||||
|
Description |
A description of the component. If you accessed this dialog from the Custom Detection Rules tab, this field is editable. It is not editable if you accessed the dialog from the Inventory Details tab. |
||||||||||
|
URL |
The forge URL for the component. If you accessed this dialog from the Custom Detection Rules tab, this field is editable. It is not editable if you accessed the dialog from the Inventory Details tab. |
||||||||||
|
License, notices, and note content |
The following fields are used to provide license or notice content and any audit notes for the inventory item generated from this rule. These field are editable. If you accessed this dialog from the Inventory Details tab in the Analysis Workbench, these fields might be pre-populated with information from the manually created inventory. However, you can edit this information as needed. |
||||||||||
|
As-Found License Text |
The license content you want to associate with the inventory item. If no Notices Text content is provided, the Notices report uses the information in this field as the license text for the third-party component. For more information, see Finalizing the Notices Text for the Notices Report. |
||||||||||
|
Notices Text |
The exact content to include in the Notices report. This is usually a modification of the content in As-Found License Text. (You can copy the As-Found License Text content to the Notices Text pane and edit it.) If content exists in this field, the Notices report uses it as the license text for the third-party component and ignores any information in the As-Found License Text pane. For more information, see Finalizing the Notices Text for the Notices Report. |
||||||||||
|
Audit Notes |
Any notes you want to add to the inventory item based on your findings during the analysis. |
||||||||||
|
File MD5 list |
(Refer to this field description only if you have accessed this dialog from the Inventory Details tab in the Analysis Workbench to create a rule within the context of an inventory item.) The File MD5 list box is pre-populated with a set of file criteria used for detecting the third-party or OSS component for which the rule is being created. The criteria is based on the MD5 value of each file associated with the inventory item in which context you are creating the rule. To identify which of the displayed criteria the rule should apply, click the checkbox next to each desired criterion. (Clear the checkbox to exclude the criterion from the rule.) At least one criterion must be selected. Consider that, if the custom detection rule is defined with multiple file criteria, the scan uses OR logic when processing the criteria against the target codebase. Consequently, only one file match between codebase and the rule is required to automatically create an inventory item. For a comprehensive list of rule-processing behavior, see Rule-Processing Considerations. |
||||||||||
|
Detection Criteria |
(Available only if you have accessed this dialog from the Custom Detection Rules tab on the Data Library page to create the rule from scratch) Select the type of file criteria that you are specifying to detect the presence of the third-party or OSS component:
The set of file criteria in the rule must be of the same criteria type. If you attempt to set up detection criteria for both types, keep in mind that you lose the criteria for the type that is currently not selected for Detection Criteria when you save the rule. A custom detection rule allows only a single set of criteria (File MD5 or File Path) to exist at any one time. Also consider that, if the custom detection rule is defined with multiple file criteria, the scan uses OR logic when processing the criteria against the target codebase. Consequently, only one file match between codebase and the rule is required to automatically create an inventory item. For a comprehensive list of rule-processing behavior, see Rule-Processing Considerations. |
||||||||||
|
File MD5 grid |
(Available if Detection Criteria is File MD5) Add and manage the file criterion in the grid:
|
||||||||||
|
|
File Path text box |
(Available if Detection Criteria is File Path) Add and manage the file criterion in the text box:
A path pattern consists of the asterisk symbol * within the path, denoting any number of directories or files. For example, the following path pattern indicates that any file with the extension .h under the directory root will be considered detection criteria for the rule. **/root/*.h
|
|||||||||
|
Actions |
The following are actions conclude the rule-creation session. |
||||||||||
|
Save |
Click Save to save the new custom detection rule to the Code Insight Data Library. You will be asked for confirmation to proceed with the creation. |
||||||||||
|
Cancel |
Click Cancel to cancel the rule creation process. You will be asked for confirmation to proceed with the cancellation. |
||||||||||
to switch to another license and, optionally, change the component version. Additionally, click 
to view the details and text of the selected license as stored in the Code Insight Data Library.
at the end of the row for the criterion. 
and enter the file’s path in the new row. You can provide the file’s absolute or relative path or enter a path pattern.
.See Also
Managing Custom Detection Rules
Creating a Custom Detection Rule Within Context of an Inventory Item