Overview
The Application global Search provides a set of five dedicated searches for each of your resource types - packages, artifacts, builds, and Release Bundles and a dedicated Security and Compliance search for viewing scanned resource results.
The active Search view changes according to the resource page you are currently viewing and displays results for the repositories on which you have permissions to view. For example, the Packages Search is active when you are in the Packages page.
Product-Specific Requirements
The following search types require the following be installed with their associated licenses:
- Release Bundles Search: Requires JFrog Distribution be installed with an Enterprise+ license.
- Security & Compliance Search: Requires JFrog Xray be installed with a Pro X, Enterprise with Xray, or an Enterprise+ license.
Search Syntax
The Application Search supports the following syntax:
- Supports a keyword-based search
- Search terms are case-sensitive.
- Supports * and ? wildcards to help you narrow down your search. For example, when searching for a package named
angular, typingan*,angula?will returnangularas a result.
Viewing Your Recent Searches
When you first start, your search is initially empty. Once you start adding searches, they are saved and viewable in the Recent searches drop down for future reference.
Supported Search Methods
The search supports the following search methods.
Free-Text Search
You can search by using one or more words, terms that include wildcard symbols and Boolean expressions.
Advanced Search Using Filters
Narrow down your search results for complex searches by setting filters in the the advanced filtered search. The search contains filters that apply to all the resources, for example, name and data range, and resource-specific filters. For example you can search for all the Docker images in your docker-local repository that have a specific Docker tag.In the Advanced Search, selecting or typing a search criteria, displays the criteria syntax in the Search line area. For example, Docker from the Type List, added the docker pkgType:docker keyword to the search bar.
Search by Keywords
You can search by using a set of predefined keywords. All you have to do is click in the search box and type the keyword or multiple keywords within the search. For example, you can search for all Docker packages in the Docker-local repository by typing: pkgType:docker repo:docker-local.
The Advanced search filter is also based on these keywords. Selecting a filter in the Advanced search displays the keyword in the search bar.
The following table contains the full list of keywords.
| Name | Description | Packages | Artifacts | Builds | Release Bundles | Security & Compliance |
|---|---|---|---|---|---|---|
| pkg | Searches according to a package type. |  | | |||
| repo | Searces according to the repository type - local, remote, virtual, or distribution. For example: | | | |||
| checksum | Searches according to the checksum of the package or artifact. | | | |||
properties | Searches for artifacts that are annotated with properties. | | ||||
before | Searches for resources that were created before the specified date. For example: pkg:docker before:2019-01-03 returns results for Docker packages created before this date. | | | | ||
after | Searches for resources that were created after the specified date. | | | | ||
cve | Searches for resources that have the specified issue. | | ||||
license | Searches for resources containing the specified license. | | ||||
severity | Searches for resources contain a violation with a specific severity level. For example: severity:medium,high returns results for resources containing security violations with Medium and High severity levels. | |
The following table contains dedicated Artifact keywords:
| Keyword by Search Type | Supported Package Type | Supported Values |
|---|---|---|
Artifacts | ||
searchType | Packages, Archive, Properties, Checksum, JCenter, or Trash. | |
Artifacts > Packages | ||
version | All Packages | Searches for artifacs according to a specific version. |
category | Chef | Free text |
platform | Chef and Conda | Free text |
user | Conan | Free text |
channel | Conan | Free text |
os | Conan | Free text |
arch | Conan, Conda, Debian, Opkg, RPM | Free text |
buildType | Conan | Free text |
compiler | Conan | Free text |
| Debian, Opkg | Free text |
maintainer | Debian, Opkg | Free text |
dist | Debian | Free text |
component | Debian | Free text |
digest | Docker | Free text |
v1 | Docker | Free text |
appVersion | Helm | Free text |
groupID | Maven | Free text |
artifactID | Maven | Free text |
classifier | Maven | Free text |
scope | npm | Free text |
keywords | npm | Free text |
boxProvider | Vagrant | Free text |
Artifacts > Archive Entries | ||
path | Free text | |
| Indicates whether to search according to class resources only. | |
| Indicates whether to exclude inner classes are part of the search. | |
| Indicates whether the search pattern needs to be searched as a checksum | |
Search By Resource Type
Package Search
You can specify the following parameters for your search:
Type | Select the package from the Type list. |
Package Name | Type the package name. |
Version | Type the package version (e.g. 1.0.0). This field is enabled after you enter the Package Name. |
Repositories | Limit the packages to display for the selected package type. The list displays repositories on which you have permissions. |
Checksum | Type the package checksum value. |
Build Search
You can specify the following parameters for your search:
Name | Type the build name. |
From/To | Select the date range between two dates in which the build was deployed. |
Artifacts Search
Use the Search Type filters to narrow down your artifact results. Each search type offers a set of input fields corresponding to the type of search you have selected to help narrow down your search.
The artifact search results are displayed in a dedicated view. For each resource in the list, click the arrow on the far right to perform one of these actions on the resource:
- View the resource contents. For example, a JSON file.
- View the resource in the Artifact tree.
- Delete the resource.
The following search types are supported:
Quick Search
Using Quick Search you can search for artifacts by name. Select Quick, enter your search term and then click Search.
You can specify the following parameters for your search:
Name | Type the name of the artifact. You can use ? and * as wildcards |
Repositories | Select specific repositories from the Repositories list to narrow down your search |
Archive Search
Archive search performs a search for all the files that match your search parameters and are located in the archive folder. Typical examples are a zip or jar file, however, all file types defined in the MIME types configuration are supported. You can specify the following parameters for your search.
Name | The term to search for within the file name. |
Path | Allows you to specify a path filter for the search. For example, Org/JFrog. |
Search Class Resources Only | When selected, only class resources are searched. Any other file type is filtered out of the search. |
Exclude Inner Classes | When selected, inner classes are excluded from the search. |
Repositories | Limits search to the specified repositories. |
View the source file
You can hover over a class file and select View to view the corresponding source file if it's available.
Package Search
Package search enables you to run a search based on a specific packaging type. For each type, you can specify search parameters based on the relevant metadata for the selected package type. For example, Helm search is suitable for searching through Helm Chart repositories.
Under the hood
Package search is based on standard properties that Artifactory attaches to packages according to their type. For example, when searching for NuGet packages, Artifactory is actually matching the search terms to the values for the nuget.id and nuget.version properties that should be attached to every NuGet package.
Limitation
Package search does not currently work on remote repository caches for RubyGems, PyPI and Debian repositories.
The following table displays the parameters you may use for each package type:
| Search type | Search parameters |
|---|---|
Alpine | Package name, Version, Repositories, Checksum |
Bower | Package name, Version |
Chef | Name, Version, Category, Platform |
CocoaPods | Package name, Version |
Composer | Package name, Version |
Conan | Package name, Version, User , Channel, OS, Architecture, Build Type, Compiler |
Conda | Package Name, Version, Arch, Platform |
CRAN | Package Name, Version |
Debian | File name (without the .deb extension), Distribution, Component, Architecture |
Docker | Full Image Namespace, Image Tag, Image Digest |
Gems | Package name, Version |
Go | Package Name, Version |
Helm | Helm Chart Name, Helm Chart Version, App Version |
Maven GAVC | Group ID, Artifact ID, Version, Classifier |
Npm | Package name, Version, Scope |
NuGet | Package ID, Version |
Opkg | Package name, Version, Architecture, Priority, Maintainer |
PyPI | Package name, Version |
RPM | Package name, Version, Architecture, Release |
Vagrant | Box Name, Version, Provider |
All these search fields support the ? and * wildcard characters.
Package search as an AQL query
For most package formats, package search is implemented as an AQL query. After searching, click the AQL Query button to view the AQL query used in the search. You may also click the Copy icon in the AQL code snippet to copy the query to your clipboard.
Limit search to specific repositories
When limiting search to specific repositories, you can select repositories with the corresponding package type. Package search depends on those repositories having the correct layout. Searching through repositories with the wrong layout will have unpredictable and unreliable results.
The example below shows the results of searching for any Docker image with latest in its name:
Property Search
Requires an Artifactory Pro license and above.
You can search for artifacts or folders based on Properties assigned to them, whether they are standard properties assigned by Artifactory, or custom properties which you can freely assign yourself.
To define your search parameters, click Add Property and in the Key field, enter the name of the property to search for, or select one from the list provided.
Then, in the Value field, set the value you are searching for in the specified property. To add more properties to the search use the Add Property.
You can repeat this process to specify any number of properties and values for your search.
Wildcards can be used in the Property Value field
You can use the ? or * wildcards in the Value field.
Combining Properties and Values
Properties can be combined using the AND operator.
AND operator.This means that only artifacts that meet all the search criteria specified will be found.
This example shows a search for artifacts that have a build.number property with a value of 2.
Checksum Search
You can search for artifacts based on MD5, SHA1 or SHA2 checksum value. This can be especially useful if you want to identify an artifact whose name has been changed.
Wildcard characters are not supported in Checksum Search, so the term entered in the search field must be valid MD5 or SHA1 value.
This example shows a search for an artifact using its SHA1 checksum.
JCenter Search
Bintray is JFrog's software distribution platform. Using this free cloud-based service, you can publish, download and share your binaries with the developer community.
For more details, please refer to the JFrog website Bintray page.
Artifactory provides a direct connection to Bintray's JCenter repository which contains a comprehensive collection of popular Apache Maven packages.
To search for packages on Bintray, select JCenter as the Search Type and enter the name of the package you are looking for.
You can hover over any search result and click Show in Bintray to display the selected artifact in Bintray.
Trash Search
You can search for artifacts you have removed to the trash can by selecting Trash as the Search Type.
Enter the artifact's name in the Query field, or select the Checksum Search check box and type the artifact's checksum.
Release Bundles Search
Requires JFrog Distribution be installed with an Enterprise+ licence.
You can search for distributable and received Release Bundles within a specified time page.
Searching for Scanned Resources
Requires JFrog Xray to be installed with a Pro X, Enterprise with Xray, or an Enterprise+ license.
Searching for scanned results in the Security & Compliance search, returns the scan result by resource type - packages. builds, Release Bundles and artifacts. The total number of scanned resources that contain an issue for the specific resource is displayed.
You can specify the following parameters for your search.
Name | Search according to a specific issue name. |
CVE | Search for resources containing a specific CVE. |
By License | Search for resources containing a specific license or unknown licences. |
By Severities | Search for resources containing vulnerabilities according to severity level - High, Low, Medium, or Unknown. |
Date Range | Limits search to the specified date range. |
The results are displayed by resource type. Click on each tab to view the full list and click on the resource to view the issue in the dedicated resource page.
