-
Notifications
You must be signed in to change notification settings - Fork 10
Home
CxAnalytix, at the current state, is a background process that crawls Checkmarx SAST, SCA (OSA), and Management & Orchestration APIs to obtain data about vulnerabilities. The data is then flattened into a JSON format with the intent to be forwarded to a data analytics platform for analysis. Analysis can be performed on the data alone or in aggregate with other sources of data.
The current implementation writes the flattened data as JSON to a file. The files can be tailed and data forwarded to syslog aggregators such as Splunk or any other platform that can use JSON collections of key/value pairs. The architecture is such that the flattened data is provided as messages to an output implementation, allowing for future implementations for use-cases such as writing to document databases, message queuing, writing in columnar file formats (Parquet, ORC, etc) for Hadoop, etc.
The application is written using C# .Net Core and is therefore executable on Linux or Windows. Several methods of execution are provided:
- Command Line - A one-shot execution that can be executed on demand.
- Windows Service - A service that can be installed on Windows to automatically start and run in the background when Windows is started.
- Linux Daemon - A Daemon with a systemd service definition to automatically start and run in the background with Linux is started.
Please see the Workflow documentation for a description of how the program crawls and collects data.
Currently a running binary is obtained from a build. At some point in the future, a tarball will be provided containing executable artifacts.
The dotnetcore runtime, sdk are required to build and run CxAnalytix. Git is required to checkout the latest code to build.
choco install dotnetcore-runtime.install --version=2.1.15
choco install dotnetcore-sdk
choco install git
Note: you may need to reboot at this point.
Check out the latest code from Github. Pay attention to the paths used here. If you change them then you must make the same changes in other Getting Started steps.
md -force c:\programdata\checkmarx
cd c:\programdata\checkmarx
git clone https://github.com/checkmarx-ts/CxAnalytix.git c:\programdata\checkmarx\CxAnalytix
The code is on your machine, lets build it with the tools you installed previously.
md -force c:\programdata\checkmarx\CxAnalytix\artifacts\Release
dotnet restore c:\programdata\checkmarx\CxAnalytix\CxAnalytix.sln
dotnet publish c:\programdata\checkmarx\CxAnalytix\CxAnalytix.sln -o "c:\programdata\checkmarx\CxAnalytix\artifacts\Release" -c "Release"
Configuration is required before execution. At a minimum, replace the default values for your
- URL
- username
- password
Configure your environment settings in C:\ProgramData\checkmarx\CxAnalytix\artifacts\Release\dotnet.exe.config.
See Configure for in depth configuration documentation.
The CLI will extract analytix from all scans in your Checkmarx instance. Avoid doing this in production without testing first.
cd C:\ProgramData\checkmarx\CxAnalytix\artifacts\Release\
dotnet CxAnalytixCLI.dll
The application logs, and the data files (which are "just" log files) are located at C:\ProgramData\checkmarx\CxAnalytix\artifacts\Release\logs.
Last export date for projects is tracked in a state file on the file system. Your state file is located at C:\ProgramData\checkmarx\CxAnalytix\artifacts\Release\CxAnalytixExportState.json.
If you run the CLI again it will only look for scans since the last check date. Try deleting the state file and running the CLI again to recreate all your data.
HowTo: Configure the installed system.