How can I extract a very simple sourceanalyzer / fortify report that only gives defect counts?


I need to be able to easily track a change in defect counts between builds. My idea was to extract the counts for critical, high, medium, and low severity defects with a report. All of the report templates I can find are complex, and I'm not seeing a way to generate a custom one through AWB.

Alternatively, if there is a way to determine if there are new issues and what severity they are, that would be great, too.

The purpose of this is to run a weekly job on our build server and trigger an email if there are any new issues found and/or if the issue counts for each severity are above a threshold.

Answer by p4r1 (best answer):

The standard Fortify installation includes an FPRUtility.bat that can be used for querying an .fpr file for the information needed. Getting the number of critical, high, medium, and low issues involves writing a custom query for each of these counts:

FPRUtility.bat -project [Your .fpr file] -information -search -query "[fortify priority order]:critical"
FPRUtility.bat -project [Your .fpr file] -information -search -query "[fortify priority order]:high"
FPRUtility.bat -project [Your .fpr file] -information -search -query "[fortify priority order]:medium"
FPRUtility.bat -project [Your .fpr file] -information -search -query "[fortify priority order]:low"

These can likely be combined into a single command, but this will spit out either "No issues matched search query" if no issues of the given severity exist or "# issues of # matched search query".
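
For the weekly build-server job described in the question, the sketch below is an added example, not part of the answer above or of Fortify itself. It parses the two output forms the answer quotes and decides whether to alert. The function names, thresholds and sample output are hypothetical; it assumes FPRUtility.bat is on PATH and that the first number in the output is the matched count.

```python
import re
import subprocess

SEVERITIES = ("critical", "high", "medium", "low")
# The two output forms quoted in the answer; the first number is assumed
# to be the count of issues that matched the query.
MATCHED = re.compile(r"(\d+) issues? of (\d+) matched search query")
NONE_MATCHED = "No issues matched search query"

def parse_count(output):
    """Return the matched-issue count from one FPRUtility search output."""
    if NONE_MATCHED in output:
        return 0
    match = MATCHED.search(output)
    if match is None:
        # Fail closed: unrecognised output must not be read as zero issues.
        raise ValueError("unrecognised FPRUtility output: %r" % output)
    return int(match.group(1))

def query_count(fpr_path, severity, utility="FPRUtility.bat"):
    """Run the answer's query for one severity (utility assumed on PATH)."""
    cmd = [utility, "-project", fpr_path, "-information", "-search",
           "-query", "[fortify priority order]:" + severity]
    done = subprocess.run(cmd, capture_output=True, text=True, check=True)
    return parse_count(done.stdout)

def evaluate(current, previous, thresholds):
    """Return alert reasons: count over threshold, or higher than last build."""
    reasons = []
    for sev in SEVERITIES:
        now, before = current[sev], previous.get(sev, 0)
        if now > thresholds[sev]:
            reasons.append("%s: %d exceeds threshold %d" % (sev, now, thresholds[sev]))
        if now > before:
            # A rising count is only a proxy for new issues: one fix plus
            # one new finding leaves the count unchanged.
            reasons.append("%s: %d, up from %d" % (sev, now, before))
    return reasons

if __name__ == "__main__":
    # Constructed sample output, not captured from a real scan.
    sample = {"critical": "No issues matched search query",
              "high": "7 issues of 412 matched search query",
              "medium": "40 issues of 412 matched search query",
              "low": "365 issues of 412 matched search query"}
    counts = {sev: parse_count(text) for sev, text in sample.items()}
    limits = {"critical": 0, "high": 5, "medium": 50, "low": 500}
    print(evaluate(counts, {"high": 7, "medium": 38, "low": 365}, limits))
```

In a real job, `counts` would come from `query_count()` per severity, and the previous build's counts would be persisted between runs (for example as a small JSON file next to the .fpr).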