CxSAST Troubleshooting & FAQ

Owned by Former user (Deleted)
Last updated: Jul 07, 2021 by Eliezer Basner (Unlicensed)
2 min read

For the most current information about CxSAST v9.4.0, see /wiki/spaces/SAST/pages/3216790805


OData Configuration for Non-English OS

General


 How can I track a user's activity?

There is no per-user log file, but you can track any user's CxSAST activity by running a simple query on the database.

For example, using SQL Server Management Studio, login to the database and go to CxActivityDB > Tables > dbo.Audit_Logins. Run a query to find the relevant user.

 How can I upgrade my database from Express to Standard?

To upgrade your SQL Server from the Express edition to the Standard/Enterprise edition, see SQL Server documentation.

 Where are the server logs?

Server log locations are listed here.

 Where can I find the configuration for the SQL Database of my CxSAST?

In order to check the configuration for the SQL Database, open the following file for editing: 

<Checkmarx Installation Folder>\Configuration\DBConnectionData.config

In this file, in <SystemConnectionStrings> you will find two connection strings for the two Checkmarx CxSAST Databases: CxDB & CxActivity

In each connection string, you will find the following information:

  • Data Source: SQL Server named instance
  • Initial Catalog: Name of the database
  • Integrated Security: Authentication method to SQL Server (true = windows authentication; false = SQL authentication).

When using SQL Authentication, two parameters should be added:

  • User ID
  • Password
 What source code languages and file extensions are supported?

Source code languages and file extensions supported for CxSAST scans are listed here.

 How can I change query Severity?

Using CxAudit, create a query override and change its Severity.

 What are the updates in OWASP Top 10 2017?
OWASP Top 10 2017

Cx Windows Services


 What do I do if all four Cx Services fail to start?

Check the last generated log at: <Checkmarx Installation Folder>\Logs\CxlXXXX.log to check your license validity.

 What do I do if all three Cx Manager's services are up and the CxEngine service fails to start?
 What do I do if all three Cx Manager's services are up and the CxEngine service fails to start?

Check if service 'log-on user' is an administrator on the server.

 What do I do if CxEngine Service is up but all three Cx Manager's services fail to start?

Check that the SQL server holding the Cx Databases is up and running and please check that the <Checkmarx Installation Folder>\Configuration\DBConnectionData.config file contains the correct configuration for DB connection. 

Updating License


 What do I do if after successful update of license, no one can login to the system?

Restart Cx Services and Web Server (IIS or UltiDev).

Web Interface


 What do I do if after successful update of license, no one can login to the system?

Check that the IIS Application Pools and Default Web Site are up and running.

 What do I do if an error message is shown after logging into the system?
  • Check that all Cx system prerequisites for IIS web server components are installed.
  • In IIS, go to default web site and click Authentication, then check that "Anonymous Authentication" is enabled.
  • Check if application pool named "CxPool" is up and running.
  • Open <Checkmarx_installation_Folder>\CheckmarxWebPortal\Web\web.config and check that the URI which is configured for the "CxWSResolver.CxWSResolver" key is correct. To verify it is configured correctly, browse to the URI from a web browser. You should see a web-service screen.

Partial Scans


 What is a partial scan?


 When will a scan be considered as partial?


 Am I missing scan results when my scan if partial?


 What is the 'partial scan indications' feature?


 How can I mitigate a partial scan?


Engine Issues


 What do I do if engine is up but does not scan?

The default port (80) is busy and configuration change is needed.

Report Issues


 What do I do if generating a report is taking long and the busy icon keeps spinning?

If CxManager server and the SQL server hosting Cx Databases are different servers, check the date and time configuration for both servers - the configuration should be identical.

.