Viewing SBOM Parts

SBOM Insights provides a list view of the SBOM parts across all buckets in your Organization and provides interactive elements that enable you to explore details about the individual parts. Optionally, you can filter the SBOM list to a specific bucket or any combination of buckets in your Organization.

From the SBOM parts list, you can also select to edit an SBOM part.

Note:SBOM Insights also provides REST API to view all SBOM parts or an individual part. See SBOM Insights API for more information about working with the APIs.

To view the current SBOM parts:

1. Click Manage SBOM in the left navigation panel to open the Manage SBOM page. The SBOM of parts across all buckets in your Organization is displayed in a list grid.
2. (Optional) In the Bucket list, select one or more buckets to view the parts only in those buckets.
3. Examine the list of SBOM parts. The following information is displayed for each part. A hyphen (-) is displayed for any detail whose information is not available or not applicable.

Column

Description

Bucket

The name of the bucket to which the SBOM part belongs.

Part

The name of the SBOM part in componentName version (license) format.

Has linked

Yes or No indicating whether the part is linked to another SBOM part in the same bucket.

Component

The hyperlinked component name and version for the SBOM part. Click the link to open the web page of a component’s third-party project or repository within the appropriate forge.

Licenses

The license(s) associated with the component version. (If available, the SPDX short name is shown for each license.)

Click the hyperlinked license name to view detailed information about the license in the Linux Foundation Projects SPDX license database.

Vulnerabilities

The Vulnerabilities bar graph listing the current counts of security vulnerabilities by severity level for component version. If no known vulnerabilities exist for the version (or this information cannot be obtained), a hyphen (-) is displayed. For more information about the color-coded severity levels, see Severity Levels for Security Vulnerabilities.

To view the list of vulnerabilities associated with the part, click anywhere on the bar graph. A slideout opens, listing the vulnerabilities and their details. See Viewing Security Vulnerability Details for an SBOM Part.

 

The date on which the SBOM part was created or imported in the system.

You can sort the SBOM list chronologically by this column.

Updated On

The date on which the SBOM part was last updated in the system. If the part has not been updated, a hyphen (-) is displayed.

You can sort the SBOM list chronologically by this column.

4. Click a non-linked portion of the row for an SBOM part to open a slideout providing additional details about the part. See Viewing Additional Details for an SBOM Part for a description of this information.
5. Click Refresh as needed to refresh the SBOM list with the latest data.
6. (Optional) Reformat the SBOM list to focus on specific data by column and order. For more information, see Managing Lists in SBOM Insights.
7. (Optional) If you want to manage an SBOM part from this page, do any of the following:
To edit an SBOM part, continue with the instructions in Editing an SBOM Part, starting with step 3 in the section.
To create another SBOM part, continue with the instructions in Creating SBOM Parts Manually. Start with step 3 in the section.

Watch a Demo

For a demonstration of how to view your SBOMs, watch the following video.