Firebird database structure

When scan results are exported into a Firebird database structure, they can be viewed using one of many ODBC and JDBC database viewers. The structure of the relevant database components is illustrated in the figure below, and described in the following sub-sections.

Note: Some fields in the database are internal AppScan® fields and not relevant to the user. These fields are marked "AppScan® Internal" in the tables following.

Representation of the exported Firebird database structure

Field Name	Explanation/Comments
ID	AppScan® ID for the directory
NAME	Directory name
PARENTID	Directory in which this directory is contained (if this is a sub-directory)
PATH	Directory path
DIRTYPE	Directory type: Host/Application

Files

The Files section of the database contains a line for each file.


Field Name	Explanation/Comments
ID	AppScan® ID for the file
FILENAME	Filename
PARENTID	ID of the directory that contains this file

Comments

The Comments section contains a line for each HTML comment found in the site page.


Field Name	Explanation/Comments
ENGINEID	AppScan® ID for the comment
FILEID	ID of file where comment was found
SHORTTEXT	Text of comment (may be truncated)

Cookies

The Cookies section contains a line for each cookie found.


Field Name	Explanation/Comment
ID	AppScan® ID for the cookie
REQCOOKIEID	AppScan® Internal
RESPCOOKIEID	AppScan® Internal
NAME	Name of cookie file
COOKIEVALUE	Value of cookie
SETINURL	Source URL for the cookie
FILEID	AppScan® ID of the file where the cookie is saved
PATH	Path attribute of cookie
COOKIEDOMAIN	Domain attribute of cookie
EXPIRES	Date cookie expires
SECURE	Secure attribute of cookie

Issue types

The Issue Types section contains a line for each issue found.


Field Name	Explanation/Comment
ENGINEID	AppScan® ID for this issue
NAME	Issues name as it appears in the GUI
INVASIVE	Whether issue is invasive: Y/N
SEVERITY	Severity code of this issue as shown in the AppScan® GUI: 4 = All 3 = High 2 = Medium 1 = Low 0 = Informational
THREATCLASS	Threat classification as it appears in the GUI
THREATCLASSREFERENCE	URL to Internet reference on this classification (if relevant)
REMEDIATIONTYPEID	AppScan® ID for the Remediation Type
ADVISORYID	AppScan® Internal
ENTITYTYPE	AppScan® Internal
INFRASTRUCTURE	AppScan® Internal

Javascript

The Javascript section contains a line for each Javascript found in the site pages.


Field Name	Explanation/Comments
ENGINEID	AppScan® ID for the Javascript
FILEID	ID of file where Javascript was found
SHORTTEXT	Text of Javascript (may be truncated)

Remediation types

The Remediation section contains a line for each Remediation.


Field Name	Explanation/Comments
ENGINEID	AppScan® ID for the remediation type
NAME	Name of the remediation type as it appears in the GUI
REMEDIATIONPRIORIY	Remediation priority code (1=highest)

Requests

The Requests section contains a line for each test request sent.


Field Name	Explanation/Comments
ENGINEID	AppScan® ID for the test request
FILEID	AppScan® ID of the file to which the request was sent
URL	URL of the request
QUERY	Parameters sent in the request
STATUS	AppScan® Internal
REASONID	AppScan® Internal
XMLTYPE	AppScan® Internal
LOGINTYPE	AppScan® Internal

Script parameters

This section contains a line for each parameter that was sent in test request.


Field Name	Explanation/Comments
ENGINEID	AppScan® ID for the parameter
FILEID	ID of file where parameter was sent
NAME	Actual parameter that was sent
PARAMETERTYPE	Parameter type: Get/Post

Variants

The Variants section contains a line for each variant.


Field Name	Explanation/Comments
ENGINEID	AppScan® ID for the variant.
ENTITYNAME	Name of cookie to which variant sent (is applicable)
FILEID	ID of file to which variant was sent
ISSUETYPE	Issue type name as it appears in the GUI
REMEDIATIONTYPE	AppScan® Internal
SEQUENCEINDEX	AppScan® Internal