- Checkmarx Documentation
- Checkmarx SAST
- SAST API Guide
- CxSAST (SOAP) API
- Working with Scans
- Working with Scan Result Reports
Working with Scan Result Reports
This section includes SDK methods for working with scan result reports.
Generating a Report
The API client can generate a result report for a scan, by Scan ID.
CxSDKWebService.CreateScanReport Method
public CxWSCreateReportResponse CreateScanReport( string sessionID, CxWSReportRequest reportRequest );
Parameters
sessionID: The current Session ID
reportRequest: An instance of class CxWSReportRequest, which includes the following fields:
.ScanID: The Scan ID of the scan results for which to generate a report.
.Type: The report output type.
Return Value
CxWSReportRequest, including:
.ID: Report ID to be used for tracking report generation process or for retrieving the report.
Example
To generate a result report for a scan with a known ID of 256:
internal void Main(string [] args) { String sessionID = args[0]; CxSDKWebServiceSoapClient cxSDKProxy = new CxSDKWebServiceSoapClient(); CxWSReportRequest request = new CxWSReportRequest (); //set the report type to be PDF request.Type = CxWSReportType.PDF; //report should be for scan ID 256 request.ScanID = 256; CxWSCreateReportResponse response = cxSDKProxy.CreateScanReport(sessionID, request); ReportID =response.ID; }
SOAP to REST Mapping
This section covers SOAP to REST migration and mapping of our legacy SOAP based SDK to the new REST APIs. It is recommended to use this reference only once CxSAST V8.8.0 is installed.
CreateScanReport | POST /reports/sastScan | Generate a new scan report. |
For more mapping information, refer to API Mapping (SOAP to REST). You can find a summary of our REST APIs here.
Getting Report Status
The API client can track the status of a report generation request.
CxSDKWebService.GetScanReportStatus Method
public CxWSReportStatusResponse GetScanReportStatus( string SessionID, long ReportID );
Parameters
sessionID: The current Session ID.
ReportID: The report ID.
Return Value
CxWSReportStatusResponse, including:
.IsFailed (boolean): If process failed, set to true
.IsReady (boolean): If process ended, set to true
Example
To check the status of a report with a known report ID of 200:
internal void Main(string [] args) { String sessionID = args[0]; CxSDKWebServiceSoapClient cxSDKProxy = new CxSDKWebServiceSoapClient(); int reportId = 200; CxWSReportStatusResponse response= cxSDKProxy.GetScanReportStatus(sessionID, reportId); //if IsReady is true the creation process is done ReportReady = response.IsReady; //if IsFailed is true the creation process failed and the server stopped the process GeneratingProcessFailed = response.IsFailed; }
SOAP to REST Mapping
This section covers SOAP to REST migration and mapping our legacy SOAP based SDK to the new REST APIs. It is recommended to use this reference only once CxSAST V8.8.0 is installed.
GetScanReportStatus | GET /reports/sastScan/{Id}/status | Get the status of a generated report. |
For more mapping information, refer to API Mapping (SOAP to REST). You can also find a summary of our REST APIs here.
Getting a Report
Once a scan result report has been generated and the report is ready, the API client can retrieve the report's content.
CxSDKWebService.GetScanReport Method
public CxWSResponseScanResults GetScanReport( string SessionID, long ReportID );
Parameters
sessionID: The current Session ID.
ReportID: The report ID.
Return Value
CxWSResponseScanResults, including:
.ScanResults (byte array): The report content is the last scan log as file XML to download.
.containsAllResults (boolean): true if report content hasn't been cut (due to configured maximal report size).
Example
To get the contents of a report with a known ID of 200:
internal void Main(string [] args) { String sessionID = args[0]; CxSDKWebServiceSoapClient cxSDKProxy = new CxSDKWebServiceSoapClient(); long repotID = 200; //ask for results of report with id 200 CxWSResponseScanResults response = cxSDKProxy.GetScanReport(sessionID, repotID); //get the report content as byte array ReportContent = response.ScanResults; //check if report content contains all scan results ContainAllResults = response.containsAllResults; }
SOAP to REST Mapping
This section covers SOAP to REST migration and mapping of our legacy SOAP based SDK to the new REST APIs. It is recommended to use this reference only once CxSAST V8.8.0 is installed.
GetScanReport | GET /reports/sastScan/{Id} | Get the specific report once generated. |
For more mapping information, refer to API Mapping (SOAP to REST). You can also find a summary of our REST APIs here.