Performing an Advanced Inventory Search
Code Insight provides the Advanced Inventory Search dialog that enables you to filter the list of published inventory items to those of interest based on many available criteria—inventory attributes, selected license attributes, as well as associated security vulnerabilities, tasks, Docker layers, and security alerts. In this way, you can easily focus on only those inventory items in which you are interested within the list of published items. The following procedure shows you how to access and use this dialog.
To filter published inventory, do the following:
|
1.
|
Open the Project Inventory tab for the desired project (see Displaying Project Inventory). The Inventory Items pane appears, showing the list of inventory items. |
|
2.
|
Click the Advanced Search button above the list of inventory items. |
The Advanced Inventory Search dialog is opened.
|
3.
|
From this dialog, select search criteria as needed from the following categories. For a detailed description of the search criteria, see Advanced Inventory Search Dialog. |
|
•
|
Inventory Items—Search for inventory items of a certain name (or string), review status, priority, type, creator, dependency scope, age, usage, license ranking order, confidence level, or that have open vulnerability alerts and work items. (For details on alerts and work items, see Managing Security Vulnerability Alerts and Creating and Viewing External Work Items for a Project Inventory Task.) |
If you entered a name filter in the Inventory Name field on the Inventory Items pane, it is automatically displayed for the Inventory Name filter on the Advanced Inventory Search dialog. (Likewise, if you enter a name filter on the Advanced Inventory Search dialog, it is copied to the Inventory Items pane.) This behavior enables you to keep the name filter persistent. However, you can remove or replace this filter as needed in either location.
|
•
|
Inventory Tasks—Search for inventory items that have been assigned tasks. You can refine the search to locate inventory with open or closed tasks, tasks of a certain age or type (such as manual reviews or source-code remediation), tasks assigned to a specific user, or tasks created by a specific user. |
|
•
|
Docker Layers—Search for inventory items with Docker layers that match the Docker layers you specified or selected from the Docker Layers dropdown list. The Docker Layers section is accessible or available only if a Docker plugin scan is performed successfully in Code Insight. |
|
•
|
Inventory Custom Fields—Search for inventory whose custom inventory fields contain the value you specify as criteria (or contain no value). Custom inventory fields are defined specifically for your site. If no such fields have been defined this section is not visible. |
|
•
|
Security Vulnerabilities—Search for inventory items that have vulnerabilities of a certain vulnerability ID, CVSS severity, or age. (Note that list of available severities for Security Vulnerability Severity varies depending on the CVSS version being used by Code Insight. The picture above shows the severities for CVSS v3.x. See Working with Security Vulnerabilities for details.) |
|
•
|
Licenses—Search for inventory items that have licenses of a certain of a certain name or license priority. |
|
4.
|
In Apply Criteria field, select the boolean operator to apply to the criteria: |
|
•
|
Or—To be included in the search results, an inventory item must contain at least one of the criteria you selected on this dialog. |
|
•
|
And—To be included in the search results, an inventory item must meet all the criteria across the advanced search, as selected in this dialog. (This is the default operator.) |
|
5.
|
Click Apply to filter the inventory on the Inventory Items pane to display only those inventory items that meet the selected criteria. |
|
6.
|
To refresh the Inventory Items pane to show all inventory items, click Show All Items. |