Starting from CxSAST 9.4, customers can gather various scan-related metadata, including the scan coverage and performance. By default, gathering the metrics is enabled and the metrics are saved in the database.
Customers can retrieve the metrics data using the GET endpoints described below. Please note that this data can only be retrieved using REST API version 3.
If a customer chooses to disable this feature, as described below, the metrics from subsequent scans will not saved in the database, and GET API calls will return a “No scan metrics found” error. However, the user can still retrieve the metrics from previous scans which occurred when the feature was enabled.
Upcoming features might require using the data gathered during the scans and it is therefore recommended to keep this feature turned on. |
To enable this option:
To disable this option:
To retrieve the scan metrics the user must have View Results permission.
The following API calls receive scanId as a parameter and return the specific metrics about the scan.
Endpoint | Description |
---|---|
/sast/scans/{id}/statistics | Gets the basic metrics of a scan |
/sast/scans/{id}/parsedFiles | Gets the detailed metrics for parsed files |
/sast/scans/{id}/failedQueries | Gets the detailed metrics for failed queries |
/sast/scans/{id}/failedGeneralQueries | Gets the detailed metrics for failed general queries |
/sast/scans/{id}/succeededGeneralQueries | Gets the detailed metrics for successful general queries |
.