Uploading Scan Artifacts

The following procedure describes how to upload your scan artifacts to the Fortify Software Security Center database. For information about how to submit training metadata to Fortify Audit Assistant, see Submitting Training Data to Audit Assistant.

Note: As it adds data to the database, Fortify Software Security Center truncates HTTP responses that contain more than 100,000 characters. Such responses are either cut off at the end, or contain \n\n...\n\n elsewhere in the response. This does not affect downloaded scans. It affects only the data displayed on the Fortify Software Security Center AUDIT page.

Important!  The files you upload to Fortify Software Security Center must not exceed 2 GB.

Important! To upload third-party artifacts, you must have the correct parser configured. For information, see Adding and Managing Parser Plugins.

To upload a scan artifact to the Fortify Software Security Center database:

  1. On the Dashboard or, for new applications, the Applications view, move your cursor to the application version for which you want to upload an artifact, and then select Artifacts from the shortcut menu.

  2. The ARTIFACT HISTORY table lists any and all scan artifacts uploaded for the application version.

  3. Click ARTIFACT.

  4. In the UPLOAD ARTIFACT dialog box, click + ADD FILES.

  5. Navigate to and select one or more (up to five) artifact files to upload.

    If the Sonatype or Debricked third-party parser is enabled, you can select the artifact type from a list.

     

  6. The UPLOAD ARTIFACT dialog box lists the selected files.

  7. To remove a file from the list, click the trash icon for that file. To remove all of the listed files, click CLEAR.

  8. Click START UPLOAD.

    The dialog box displays a progress bar as each file is uploaded.

  9. After your files are successfully uploaded, click CLOSE.

    Note: If a scan artifact requires approval based on analysis result processing rules, it must be approved before Fortify Software Security Center can process it. For information, see Approving Analysis Results for an Application Version.

Viewing File Processing Errors

If there was an error in processing an uploaded artifact, the Status column of the ARTIFACT HISTORY table displays Error Processing, along with a circled number that indicates the number of processing rules violated.

To view information about the processing rules violated:

The Artifact Processing Messages box opens to display details about problems encountered during the upload.

See Also

Downloading Scan Artifacts

Setting Analysis Results Processing Rules for Application Versions

Using an Application Identifier to Upload FPR Files

Using an Application Name and Version to Upload FPR Files