Including excluded findings in the assessment file
Scans that take advantage of Intelligent Findings Analytics (IFA) include excluded
findings in the assessments file (ozasmt) by default. This behavior
can be controlled using the include_excluded_findings
property in the
scan.ozsettings file.
Manipulating this property is helpful when a scan results in a particularly large assessment file with many excluded findings.
To include excluded findings in the assessments file:
- In the
<source-data-directory>/config/scan.ozsettings
file, locate the propertyinclude_excluded_findings
and verify its value is"true"
:<Setting name="include_excluded_findings" read_only="false" default_value="true" description="Option to include findings excluded due to IFA into the assessment." type="bool" value="true" display_name="Include IFA excluded findings" hidden="true" />
"True"
is the default value forinclude_excluded_findings
.
To exclude excluded findings from the assessments file:
- In the
<source-data-directory>/config/scan.ozsettings
, locate the propertyinclude_excluded_findings
and edit its value to"false"
.
Sample assessments file when excluded findings are
included:
<AssessmentStats class_total="0" date="" duration="0" error_status="0" language_type="17" line_total="1919" max_vdensity="1058.363731" max_vkloc="17.196456" method_total="0" total_call_sites="0" total_call_sites_informational="0" total_call_sites_not_vulnerable="0" total_excluded_findings="166" total_files="25" total_findings="33" total_high_finding="19" total_high_high_finding="0" total_high_low_finding="0" total_high_med_finding="19" total_low_finding="2" total_low_high_finding="1" total_low_low_finding="0" total_low_med_finding="1" total_med_finding="12" total_med_high_finding="0" total_med_low_finding="0" total_med_med_finding="12" vdensity="1058.363731" vkloc="17.196456">
<VulnType name="Malicious" total_high_finding="1" total_low_finding="0" total_med_finding="0"/>
<VulnType name="Vulnerability.ErrorHandling.RevealDetails.Message" total_high_finding="0" total_low_finding="0" total_med_finding="1"/>
<VulnType name="Vulnerability.Validation.EncodingRequired" total_high_finding="0" total_low_finding="0" total_med_finding="30"/>
<VulnType name="Vulnerability.Validation.Required" total_high_finding="0" total_low_finding="0" total_med_finding="1"/>
</AssessmentStats>
Note
that total_excluded_findings="166"
. If
include_excluded_findings
is set to "false"
, the
value of total_excluded_findings
would be "0"
.Note: The
include_excluded_findings
property is valid only when
use_ifa="true"
.