Follow these steps to create an Ignore Rule for a violation. When creating an ignore rule, the ignore rule is applied to the specific violation and all future violations that meet the ignore rule criteria.
Choose a combination of the ignore criteria depending on your needs.
Ignore Rule | Description |
---|---|
Based on the Vulnerability | |
Vulnerability ID selected | The rule will be applied on the specific security vulnerability only. |
For any Vulnerability | The rule will be applied on all security vulnerabilities. |
Based on the Component | |
Component name selected current version | The rule will be applied on the specific component for that specific version of the component only. |
Component name selected any version | The rule will be applied on the specific component for all versions of that component. |
For any component | The rule will be applied on all components that contain that violation. |
Based on the ArtifactNote: Take note, if it's in a Build or Release Bundle, it will appear here as based on Build or Release Bundle. | |
Artifact name selected current version | The rule will be applied on the specific artifact for that specific version of the artifact only. |
Artifact name selected any version | The rule will be applied on the specific artifact for all versions of that artifact. |
For any Artifact | The rule will be applied on all artifacts that contain that violation. |
Based on the Watch | |
Specific Watch | The rule will be applied on the specific watch where the violation was found. |
For any Watch | The rule will be applied on all watches. |
The ignore rule will expire at | The rule will expire on the date you set here. This gives you the ability to keep the ignore rule for a violation for the period of time you set. When the time expires, the ignore rule will be removed. Once a scan is triggered after the expiration date, violations will be created again. |
When selecting the ignore criteria, take note of the combinations you choose. Some combinations such as selecting everything as Any is not allowed as it will ignore all future violations (in the watch or in the system). The Ignore Rules REST API allows you to choose more scopes for the Ignore Rule as well as more options in each scope. |
We provided you with some scenarios where an ignore violation is needed, and how to use the different options to achieve them.
Follow these steps to view an Ignore Rule and information for each rule.
Deleting an Ignore Rule will restore all violations that were previously ignored by the rule.
Click Delete.
Starting from Xray version 3.13.0, the restore violations option is no longer available. If you are using Xray 3.13.0 and above and a version of Artifactory prior to 7.12, the restore violations will not work and error is issued. |
Starting from Xray version 3.31.x and above, you can filter the Ignore Rules list in the Ignore Rules page in Xray to narrow down and display only Ignore Rules that are relevant to you. Select the Filter button, in the top-right corner, and the filter appears. Use the filtering options to display the Ignore Rules or Ignore Rules data you want to see.
To view a list of ignored violations, from the Violations tab on the Watch select the Ignored Violations status from the Status filter and click Search.
The list of ignored violations appears.
The list includes all of the ignored violations, such as:
You can view info for each violation by selecting the violation. The issue details window appears with the ignore rule details.
A violation with an active ignore rule:
To use REST API to get, create, delete an Ignore Rule, see Ignore Rules.