Xray 2.x

Using the latest JFrog products?
JFrog Platform User Guide

Expand all   Collapse all

JFrog Xray 2.x Documentation
To get the latest version, go to the JFrog Unified Platform

Skip to end of metadata
Go to start of metadata

Overview

Features Under Construction - Coming Soon!

We are currently developing new advanced reporting capabilities and the existing Reports will not be available in the Xray 3.0 release. You can export the relevant data using alternative methods that currently exist today.

The Reports module lets you display the different reports available in the system. Currently, there are two reports you can run:

License Report
Provides information about the distribution of open source licenses used by components indexed by Xray, and their compliance according to Allowed Licenses and Banned Licenses filters you have defined in the system.
Security Report
Indicates the general health of your repositories with respect to security and other vulnerabilities.

Xray analyzes indexed artifacts and runs all reports automatically every few minutes in the background. When you click Generate for any of the available reports, Xray displays the data cached from the last run.

Xray Reports

Synchronized the Database

 Note that you can only generate reports after synchronizing with the Global Database Server at least once.

Page Contents

License Report

The License Report displays two main readings:

License Distribution
The License Distribution chart displays the distribution of licenses found in all artifacts indexed in the system. Note that only license types that make up at least 5% of the total distribution are displayed in a separate segment. Any license type with less than 5% distribution is accumulated into an "Other" category
License Compliance

The License Compliance chart displays the compliance of licenses found in the system according to "Allowed Licenses" and "Banned Licenses" filters defined in all watches in the system.

License Report

Segment Details

Hovering over any segment displays the number of artifacts that make up that segment and its percentage of the whole. 

Clicking on any segment (or the corresponding item in the chart's legend) displays the list of components that make up that segment.

Segment Details

Click on any component to view its details in the Components module.

Security Report

The Security Report gives you an indication of the general health of your repositories with regard to security vulnerabilities. Once generated, you can view the following charts:

Recent Vulnerabilities
Shows the vulnerabilities that were most recently detected in components that Xray has indexed.
Recent Components
Shows the components indexed by Xray that were most recently detected to include vulnerabilities.
Top Vulnerabilities
Shows the vulnerabilities that have the most wide-reaching effects on your repositories in that they are included as dependencies by the largest number of components indexed by Xray.
Top Artifacts
Shows the artifacts indexed by Xray that were detected to have the largest number of vulnerabilities, either directly or as a result of included dependencies.

Security Report

Bar Details

Hovering over a bar or data point in any chart provides additional information. For example, hovering over a bar in the Top Vulnerabilities chart displays the vulnerability that affects the largest number of components indexed by Xray, and the number of components affected

Top Vulnerabiliites

Clicking on the bar displays full details. For example clicking a bar in the Top Vulnerabilities chart shows full details for vulnerability that affects the largest number of components indexed by Xray.

Top Vulnerabilities


  • No labels

JFrog.com | Documentation | Featured | Have a question? Want to report an issue? Contact JFrog support