This article provides reference materials about the features and functions of Lucent Sky AVM CLI.
This article is about the CLI built with .NET Framework. For the corresponding article about the cross-platform CLI built with .NET, view the following article in the Lucent Sky Knowledge Base:
Get started with Lucent Sky AVM CLI
Lucent Sky AVM CLI has the following sets of features: Application
, Autopilot
, Config
, Group
, Maintenance
, Query
, Result
, Scan
, Tools
, and User
. They are called interfaces. Each interface has several methods, while each method accepts one or more arguments. If a method is declared as internal, it is for used by other Lucent Sky AVM interfaces (such as IDE extensions). Using internal methods is unsupported.
The names of interfaces, methods, and arguments are case-insensitive.
In this article
Application
The Application
interface has the following methods: Create
, Delete
, GetEncodedList
, GetList
, GetRulePackages
, and GetRuleRuntime
.
Create
Create a new application.
.\SkyAnalyzer.Interface.Console.exe --Interface Application --Method Create [--Key] --ApplicationId --Name --Framework [--Tags] [--WeaknessPolicies] [--Vectors] [--AnalysisTarget] [--Repository] [--Arguments] [--RulePackageId] [--RuntimeId]
This method requires membership of the built-in Users group.
To learn about using a custom rule package, view the following article in the Lucent Sky Knowledge Base:
Scan an application using a custom rule package
To learn about using a specific runtime, view the following article in the Lucent Sky Knowledge Base:
Scan an application with a specific runtime
Examples
Create a DotNet application named ContosoWeb.
$applicationId = New-Guid
.\SkyAnalyzer.Interface.Console.exe --Interface Application --Method Create --ApplicationId $applicationId --Name "ContosoWeb" --Framework "DotNet"
Create a DotNet application named ContosoWeb, with tags prod and bay. Weakness policies are CWE79,0 and CWE501,2 Database and WebRequest are the vectors considered potentially dangerous. The relative path to the analysis target is ContosoWeb\ContosoWeb.csproj, big5 is set as the native encoding, while using the specified custom rule package and custom runtime.
$applicationId = New-Guid
.\SkyAnalyzer.Interface.Console.exe --Interface Application --Method Create --ApplicationId $applicationId --Name "ContosoWeb" --Framework "DotNet" --Tags "prod;bay" --WeaknessPolicies "CWE79,0;CWE501,2" --Vectors "Database,WebRequest" --AnalysisTarget "ContosoWeb\ContosoWeb.csproj" --Arguments "encoding,big5" --RulePackageid $rulePackId --RuntimeId $runtimeId
Required arguments
-
--Name
The name of the application to be created.
-
--Framework
The framework of the application. Valid frameworks are
DotNet
,Android
,ASP
,Cpp
,Go
,iOS
,Java
,PHP
,Python
,StaticWeb
,Universal
, andVisualBasic
.
Optional arguments
-
--Key
The API key.
-
--ApplicationId
A GUID to identify the application. If this argument is not present, it will be generated automatically.
-
--Tags
The tags of the application to be created. Each tag should be separated by a semicolon.
-
--WeaknessPolicies
The weakness policies, separated by semicolons. For example,
CWE79,0;CWE501,2
. If this argument is not present, the system default value will be used. -
--Vectors
The types of vectors considered potentially dangerous, separated by commas. For example,
Database,WebRequest
. If this argument is not present, the system default value will be used. -
--AnalysisTarget
The relative path to the analysis target within the source code archive or directory.
-
--Repository
The repository connection string to pull the source code.
-
--Arguments
The default scan arguments of the application.
-
--RulePackageId
The GUID of the rule package to be set as the default rule package of the application. If this argument is not present, the system default value will be used.
-
--RuntimeId
The GUID of the runtime to be set as the default runtime of the application. If this argument is not present, the system default value will be used.
Delete
Delete an application.
.\SkyAnalyzer.Interface.Console.exe --Interface Application --Method Delete [--Key] --ApplicationId
This method requires the Owner role of the application, or Write permission to the Application API interface.
Examples
Delete the specified application.
.\SkyAnalyzer.Interface.Console.exe --Interface Application --Method Delete --ApplicationId 'AAAAAAAA-AAAA-AAAA-AAAA-AAAAAAAAAAAA'
Required arguments
-
--ApplicationId
The GUID of the specified application.
Optional arguments
-
--Key
The API key.
GetEncodedList
Internal: Return a list of all applications.
GetList
Return a list of all applications.
.\SkyAnalyzer.Interface.Console.exe --Interface Application --Method GetList [--Key] [--Filter]
This method requires the Member or Owner role to the applications, or the Execute and Read permissions to the Application API interface.
Examples
Get a list of all applications.
.\SkyAnalyzer.Interface.Console.exe --Interface Application --Method GetList
Optional arguments
-
--Key
The API key.
-
--Filter
The filter used to list applications. Valid filters are
all
andmy
.
GetRulePackages
Internal: Return a list of rule packages.
GetRuntimes
Internal: Return a list of runtimes.
Autopilot
The Autopilot
interface has the following method: Start
.
Start
Start an autopilot run with the specified source code archive or directory.
.\SkyAnalyzer.Interface.Console.exe --Interface Autopilot --Method Start [--Key] [--Name] [--Tags] [--WeaknessPolicies] [--Vectors] [--Arguments] [--RulePackageId] --SourceCodePath
This method requires membership of the built-in Users group.
Examples
Identify the application frameworks in the specified source code archive, create corresponding applications (with ContosoWeb as the name and the application framework as the tag), automatically generated a new autopilot identifier, and start to scan.
.\SkyAnalyzer.Interface.Console.exe --Interface Autopilot --Method Start --Name "ContosoWeb" --SourceCodePath "C:\Source.zip"
Identify the application frameworks in the specified source code archive, use existing applications with the autopilot identifier AAAAAAAA-AAAA-AAAA-AAAA-AAAAAAAAAAAA, and start to scan.
.\SkyAnalyzer.Interface.Console.exe --Interface Autopilot --Method Start --Tag "autopilot-aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" --SourceCodePath "C:\Source.zip"
Required arguments
-
--SourceCodePath
The path to the source code archive or directory to be analyzed. For source code archives, the path must have one of the following extension: .7z or .zip.
Optional arguments
-
--Key
The API key.
-
--Name
The name of the application(s) to be created. This argument is required if an existing autopilot identifier is not specified in the
--Tags
argument; otherwise, this argument is ignored. -
--Tags
The tags of the application to be created. Each tag should be separated by a semicolon. If no autopilot identifier is specified in this argument, one will be automatically generated. If an existing autopilot identifier is specified in this argument, all other tags are ignored.
-
--WeaknessPolicies
The weakness policies, separated by semicolons. For example,
CWE79,0;CWE501,2
. If this argument is not present, the system default value will be used. This argument is ignored if an existing autopilot identifier is specified in the--Tags
argument. -
--Vectors
The types of vectors considered potentially dangerous, separated by commas. For example,
Database,WebRequest
. If this argument is not present, the system default value will be used. This argument is ignored if an existing autopilot identifier is specified in the--Tags
argument. -
--Arguments
The default scan arguments of the application. Arguments not applicable to the identified framework(s) are ignored. This argument is ignored if an existing autopilot identifier is specified in the
--Tags
argument. -
--RulePackageId
The GUID of the rule package to be set as the default rule package of the application. If this argument is not present, the system default value will be used. This argument is ignored if an existing autopilot identifier is specified in the
--Tags
argument.
Config
The Config
interface has the following method: Set
.
Set
Set a configuration option.
.\SkyAnalyzer.Interface.Console.exe --Interface Config --Method Set --Value
This method does not require authentication.
Examples
Configure the CLI to communicate with a remote Lucent Sky AVM instance.
# Replace <InstanceFqdn> with the FQDN or IP address of the CLEAR Engine instance
$InstanceFqdn = "<InstanceFqdn>"
.\SkyAnalyzer.Interface.Console.exe --Interface Config --Method Set --Value "endpoint = ${InstanceFqdn}:5759"
Configure the CLI to use named pipe endpoints to communicate with a CLEAR Engine instance:
.\SkyAnalyzer.Interface.Console.exe --Interface Config --Method Set --Value "endpoint = namedpipe"
Required arguments
-
--Value
The key and value to configure, in the format of
key = value
. Valid key isendpoint
.
Group
The Group
interface has the following methods: Create
, Delete
, Edit
, GetEncodedList
, and GetList
.
Create
Create a new group.
.\SkyAnalyzer.Interface.Console.exe --Interface Group --Method Create [--Key] --Name
This method requires Full Control of the Group API interface.
Examples
Create a group named Auditors.
.\SkyAnalyzer.Interface.Console.exe --Interface Group --Method Create --Name "Auditors"
Required arguments
-
--Name
The name of the group.
Optional arguments
-
--Key
The API key.
Delete
Delete a group.
.\SkyAnalyzer.Interface.Console.exe --Interface Group --Method Delete [--Key] --GroupId
This method requires Full Control of the Group API interface.
Examples
Delete the specified group.
.\SkyAnalyzer.Interface.Console.exe --Interface Group --Method Delete --GroupId "0A0A0A0A-0A0A-00AA-0A00-0A0A0A0A00A0"
Required arguments
-
GroupId
The GUID of the group.
Optional arguments
-
--Key
The API key.
Edit
Edit a group.
.\SkyAnalyzer.Interface.Console.exe --Interface Group --Method Edit [--Key] --GroupId --Name --Members --Permissions
This method requires Full Control of the Group API interface.
Examples
Update the specified group to have read permission for the Application and related API interfaces.
.\SkyAnalyzer.Interface.Console.exe --Interface Group --Method Edit --GroupId "0A0A0A0A-0A0A-00AA-0A00-0A0A0A0A00A0" --Permissions "Application,4"
Update the specified group to have users 01010101-0101-0011-0100-010101010010 and 02020202-0202-0022-0200-020202020020 as its members.
.\SkyAnalyzer.Interface.Console.exe --Interface Group --Method Edit --GroupId "0A0A0A0A-0A0A-00AA-0A00-0A0A0A0A00A0" --Members "01010101-0101-0011-0100-010101010010,02020202-0202-0022-0200-020202020020"
Required arguments
-
GroupId
The GUID of the group.
Optional arguments
-
--Key
The API key.
-
--Name
The name of the group. If this argument is not present or is empty, the group's name will not be modified.
-
--Members
The GUID of the member users of the group, seperated by commas. If this argument is not present, the group's members will not be modified. If this argument is empty, all members will be removed from the group.
-
--Permissions
The API permissions the group's members have access to, with the interface and permission separated by a comma and permission entries separated by semicolons. Valid interfaces are
Project
,Settings
, andUser
. Permission is a bit field (a set of flags).0
represents no permission,1
represents execute or list permission,2
represents write permission, and4
represents read permission. For example,Project,7;Settings,4
gives full control (execute, write, and read permissions) to the Project and related API interfaces, read permission to the Settings and related API interfaces, and no permission to other interfaces. If this argument is not present, the group's permissions will not be modified. If this argument is empty, all permissions will be removed from the group.
GetEncodedList
Internal: Return a list of all groups.
GetList
Return a list of all groups.
.\SkyAnalyzer.Interface.Console.exe --Interface Group --Method GetList [--Key]
This method requires authentication and does not require specific permission.
Examples
Get a list of all groups.
.\SkyAnalyzer.Interface.Console.exe --Interface Group --Method GetList
Optional arguments
-
--Key
The API key.
Maintenance
The Maintenance
interface has the following methods: DownloadApl
, DownloadLogs
, GetLicense
, and GetSystemStatus
.
DownloadApl
Download the APL files of the specified framework.
.\SkyAnalyzer.Interface.Console.exe --Interface Maintenance --Method DownloadApl [--Key] --Framework --AplPath
This method requires authentication and does not require specific permission.
Examples
Download the APL files for DotNet to C:\APL-DotNet.zip.
.\SkyAnalyzer.Interface.Console.exe --Interface Maintenance --Method DownloadApl --Framework "DotNet" --AplPath "C:\APL-DotNet.zip"
Required arguments
-
--Framework
The framework of the APL binaries. Valid frameworks are
DotNet
,Java
, andPHP
. -
--AplPath
The path to save the APL binaries. The path must have the extension .zip.
Optional arguments
-
--Key
The API key.
DownloadLogs
Download the system logs of the specified date.
.\SkyAnalyzer.Interface.Console.exe --Interface Maintenance --Method DownloadLogs [--Key] --LogsDate --LogsPath
This method requires the Member or Owner role of the application, or Read permission of the Scan API interface.
Examples
Download the system logs on 2020/4/1 to C:\System-Logs-20200401.zip.
.\SkyAnalyzer.Interface.Console.exe --Interface Maintenance --Method DownloadLogs --LogsDate "2020/4/1" --LogsPath "C:\System-Logs-20200401.zip"
Required arguments
-
--LogsDate
The date, in system time, of the system logs to download.
-
--LogsPath
The path to save the log files. The path must have the extension .zip.
Optional arguments
-
--Key
The API key.
GetLicense
Return the license information of the CLEAR Engine instance.
.\SkyAnalyzer.Interface.Console.exe --Interface Maintenance --Method GetLicense [--Key]
This method requires authentication and does not require specific permission.
Examples
Get the license information of the CLEAR Engine instance.
.\SkyAnalyzer.Interface.Console.exe --Interface Maintenance --Method GetLicense
Optional arguments
-
--Key
The API key.
GetSystemStatus
Return the system status of the CLEAR Engine instance.
.\SkyAnalyzer.Interface.Console.exe --Interface Maintenance --Method GetSystemStatus [--Key]
This method requires authentication and does not require specific permission. Getting performance counters requires membership of the built-in Users group.
Examples
Get the system status of the CLEAR Engine instance.
.\SkyAnalyzer.Interface.Console.exe --Interface Maintenance --Method GetSystemStatus
Optional arguments
-
--Key
The API key.
Query
The Query
interface has the following method: Execute
.
Execute
Execute the specified query against the data source.
.\SkyAnalyzer.Interface.Console.exe --Interface Query --Method Execute [--Key] --QueryDataSource --QueryStatement
This method does not require authentication when querying against a local data source and requires Execute and Read permissions of the Query API interface when querying against a CLEAR Engine instance.
Examples
Query the number of results in an XML report with a 1 or 2 priority.
.\SkyAnalyzer.Interface.Console.exe --Interface Query --Method Execute --QueryDataSource "C:\Report.xml" --QueryStatement "SELECT COUNT(ID) FROM Results WHERE PRIORITY <= 2"
Query the application ID of applications that have the jquery dependency with version number lower than 1.4.2.1 in their most recent scan.
.\SkyAnalyzer.Interface.Console.exe --Interface Query --Method Execute --QueryDataSource "Engine" --QueryStatement "SELECT ApplicationId FROM Dependencies WHERE Name = 'jquery' AND Version < '1.4.2.1'"
Required arguments
-
--QueryDataSource
The path to the data source. Valid values are
Engine
or the path to an XML report. -
--QueryStatement
The query statement to execute.
Optional arguments
-
--Key
The API key.
Result
The Result
interface has the following methods: Hide
and Unhide
.
Hide
Hide a result.
.\SkyAnalyzer.Interface.Console.exe --Interface Result --Method Hide [--Key] --ResultId
This method requires the Owner role of the application or the scan, or Write permission to the Result API interfaces.
Examples
Hide the specified result.
.\SkyAnalyzer.Interface.Console.exe --Interface Result --Method Hide --ResultId "01010010-0101-0010-0101-001001010010"
Required arguments
-
--ResultId
The GUID of the specified result.
Optional arguments
-
--Key
The API key.
Unhide
Unhide a result.
.\SkyAnalyzer.Interface.Console.exe --Interface Result --Method Unhide [--Key] --ResultId
This method requires the Owner role of the application or the scan, or Write permission to the Result API interfaces.
Examples
Unhide the specified result.
.\SkyAnalyzer.Interface.Console.exe --Interface Result --Method Unhide --ResultId "01010010-0101-0010-0101-001001010010"
Required arguments
-
--ResultId
The GUID of the specified result.
Optional arguments
-
--Key
The API key.
Scan
The Scan
interface has the following methods: Analyze
, Archive
, BeginAnalyze
, BeginImport
, BeginRemediate
, BeginReport
, Create
, Delete
, DownloadLogs
, EndRemediate
, EndReport
, GetRemediateStatus
, GetReportStatus
, GetResult
, GetStage
, GetStatus
, Import
, Purge
, Remediate
, and Report
.
Analyze
Upload the source code and start the scan. This is a synchronous method and will not return until the scan is completed.
.\SkyAnalyzer.Interface.Console.exe --Interface Scan --Method Analyze [--Key] --ScanId --SourceCodePath
This method requires the Member or Owner role of the application, or Read permission of the Scan API interface. It also requires membership of the built-in Users group.
To learn more about creating the source code archive of an application, view the following article in the Lucent Sky Knowledge Base:
Prepare an application scanning
Examples
Upload the source code archive at C:\Source.zip to the specified scan and start the scan.
.\SkyAnalyzer.Interface.Console.exe --Interface Scan --Method Analyze --ScanId "55555555-5555-5555-5555-555555555555" --SourceCodePath "C:\Source.zip"
Pull source code using the repository connecting string to the specified scan and start the scan.
.\SkyAnalyzer.Interface.Console.exe --Interface Scan --Method Analyze --ScanId "55555555-5555-5555-5555-555555555555" --SourceCodePath ".repository"
Required arguments
-
--ScanId
The GUID of the specified scan.
-
--SourceCodePath
The path to the source code archive or directory to be analyzed. For source code archives, the path must have one of the following extension: .7z, .jar, .war, or .zip. To pull source code using the repository connection string of the application or scan, set the path to
.repository
.
Optional arguments
-
--Key
The API key.
Archive
Archive scans created before a specified date and time.
.\SkyAnalyzer.Interface.Console.exe --Interface Scan --Method Archive [--Key] --PurgeThreshold
This method requires Execute and Read permissions to the Scan API interface.
Examples
Archive scans created before June 15, 2019 1:45:30 PM (UTC).
.\SkyAnalyzer.Interface.Console.exe --Interface Scan --Method Archive --PurgeThreshold "2019-06-15T13:45:30"
Required arguments
-
--PurgeThreshold
The date and time threshold, in UTC, to purge or archive scans. The threshold must be at least 168 hours earlier than the current time. Scans started before the threshold will be deleted, unless they are in progress or in queue. Applications with no scan after the purge will also be deleted, unless the
CascadePurge
argument is set toFalse
. The date and time format must conform with .NET Standard Date and Time Format Strings, such as 2009-06-15T13:45:30.
Optional arguments
-
--Key
The API key.
-
--CascadePurge
True
(default) will delete applications with no scan after the purge andFalse
will keep applications with no scan after the purge.
BeginAnalyze
Upload the source code then start the scan. This is an asynchronous method and will return when the scan starts.
.\SkyAnalyzer.Interface.Console.exe --Interface Scan --Method BeginAnalyze [--Key] --ScanId --SourceCodePath
This method requires the Member or Owner role of the application, or Read permission of the Scan API interface. It also requires membership of the built-in Users group.
Examples
Upload the source code archive at C:\Source.zip to the specified scan and start the scan.
.\SkyAnalyzer.Interface.Console.exe --Interface Scan --Method BeginAnalyze --ScanId "55555555-5555-5555-5555-555555555555" --SourceCodePath "C:\Source.zip"
Pull source code using the repository connection string to the specified scan and start the scan.
.\SkyAnalyzer.Interface.Console.exe --Interface Scan --Method BeginAnalyze --ScanId "55555555-5555-5555-5555-555555555555" --SourceCodePath ".repository"
Required arguments
-
--ScanId
The GUID of the specified scan.
-
--SourceCodePath
The path to the source code archive or directory to be analyzed. For source code archives, the path must have one of the following extension: .7z, .jar, .war, or .zip. To pull source code using the repository connection string of the application or scan, set the path to
.repository
.
Optional arguments
-
--Key
The API key.
BeginImport
Upload the source code and foreign report file then start the scan. This is an asynchronous method and will return when the scan starts.
.\SkyAnalyzer.Interface.Console.exe --Interface Scan --Method BeginImport [--Key] --ScanId --ForeignReportPath --SourceCodePath
This method requires the Member or Owner role of the application, or Read permission of the Scan API interface. It also requires membership of the built-in Users group.
Examples
Upload the foreign report file at C:\Report.xml and the source code archive at C:\Source.zip to the specified scan and start the scan.
.\SkyAnalyzer.Interface.Console.exe --Interface Scan --Method BeginImport --ScanId "55555555-5555-5555-5555-555555555555" --ForeignReportPath "C:\Report.xml" --SourceCodePath "C:\Source.zip"
Required arguments
-
--ScanId
The GUID of the specified scan.
-
--ForeignReportPath
The path to the foreign report file to be imported. The path must have one of the following extension: .fpr, .txt, or .xml.
-
--SourceCodePath
The path to the source code archive or directory to be analyzed. For source code archives, the path must have one of the following extension: .7z, .jar, .war, or .zip.
Optional arguments
-
--Key
The API key.
BeginRemediate
Generate remediated source code of a completed scan. This is an asynchronous method and will return a tick representing this specific remediated source code archive when generation starts.
$ticks = .\SkyAnalyzer.Interface.Console.exe --Interface Scan --Method BeginRemediate [--Key] --ScanId --RemediationOption
This method requires the Member or Owner role of the application, or Read permission of the Scan API interface.
Examples
Start to generate the remediated source code archive of the specified scan, including remediation information and original source code in the remediated source code. A tick representing the remediated source code archive will be saved to the ticks variable.
$ticks = .\SkyAnalyzer.Interface.Console.exe --Interface Scan --Method BeginRemediate --ScanId "55555555-5555-5555-5555-555555555555" --RemediationOption 3
Required arguments
-
--ScanId
The GUID of the specified scan.
Optional arguments
-
--Key
The API key.
-
--RemediationOption
Use this argument to control how the remediated source code is generated. This argument is a bit field (a set of flags).
1
indicates that remediation information should be included as comments,2
indicates that the original source code should be included as comments,4
indicates that a diff file should be generated, and8
indicates that only modified files should be included. For example, whenRemediationOption
is set to5
, the remediated source code will include remediation information as comments and include the diff file. If this argument is not present,0
will be used (does not include any of the above).
BeginReport
Generate the report of a completed scan. This is an asynchronous method and will return a tick representing this specific report when generation starts.
$ticks = .\SkyAnalyzer.Interface.Console.exe --Interface Scan --Method BeginReport [--Key] --ScanId --ReportFormat [--ReportLanguage]
This method requires the Member or Owner role of the application, or Read permission of the Scan API interface.
Examples
Start to generate the report in xml format of the specified scan. A tick representing the report will be saved to the ticks variable.
$ticks = .\SkyAnalyzer.Interface.Console.exe --Interface Scan --Method BeginReport --ScanId "55555555-5555-5555-5555-555555555555" --ReportFormat "xml"
Required arguments
-
--ScanId
The GUID of the specified scan. If this argument is not present, it will be generated automatically.
-
--ReportFormat
The format, style, and verbosity of the report. Valid values for format are
html
,pdf
, andxml
. Valid values for style areaudit
,dark
, andquick
if the format ishtml
, andaudit
,quality
if the format ispdf
. Valid values for verbosity aredetailedverbosity
andminimalverbosity
if the format ishtml
orpdf
.
Optional arguments
-
--Key
The API key.
-
--ReportLanguage
The language of the report. Valid values are
en
(default),de
,ja
, andzh
.
Create
Create a new scan.
.\SkyAnalyzer.Interface.Console.exe --Interface Scan --Method Create [--Key] --ApplicationId --ScanId [--Tags] [--WeaknessPolicies] [--Vectors] [--AnalysisTarget] [--Repository] [--Arguments] [--Type] [--SkipValidation]
This method requires the Member or Owner role of the application, or Read permission of the Application API interface. It also requires membership of the built-in Users group.
Examples
Create a scan under the specified application.
$scanId = New-Guid
.\SkyAnalyzer.Interface.Console.exe --Interface Scan --Method Create --ApplicationId "A4A4A4A4-A4A4-A4A4-A4A4-A4A4A4A4A4A4" --ScanId $scanId
Create a scan under the specified application using intelligent analysis, with tags prod and bay. Weakness policies are CWE79,0 and CWE501,2 Database and WebRequest are the vectors considered potentially dangerous. The relative path to the analysis target is ContosoWeb\ContosoWeb.csproj, and scan arguments encoding,big5.
$scanId = New-Guid
.\SkyAnalyzer.Interface.Console.exe --Interface Scan --Method Create --ApplicationId "A4A4A4A4-A4A4-A4A4-A4A4-A4A4A4A4A4A4" --ScanId "55555555-5555-5555-5555-555555555555" --Tags "prod;bay" --WeaknessPolicies "CWE79,0;CWE501,2" --Vectors "Database" --AnalysisTarget "ContosoWeb\ContosoWeb.csproj" --Arguments "encoding,big5"
Create a scan under the specified application using intelligent analysis, and override the application's weakness policies with default weakness policies. The WeaknessPolicies
argument is set to a space character to ensure it from being correctly parsed as empty instead of null.
$scanId = New-Guid
.\SkyAnalyzer.Interface.Console.exe --Interface Scan --Method Create --ApplicationId "A4A4A4A4-A4A4-A4A4-A4A4-A4A4A4A4A4A4" --ScanId "55555555-5555-5555-5555-555555555555" --WeaknessPolicies " "
Required arguments
-
--ScanId
A GUID to identify the scan. If this argument is not present, it will be generated automatically.
-
--ApplicationId
The GUID of the application this scan belong to.
Optional arguments
-
--Key
The API key.
-
--Tags
The tags of the scan to be created. Each tag should be separated by a semicolon.
-
--WeaknessPolicies
The weakness policies, separated by semicolons. For example,
CWE79,0;CWE501,2
. If this argument is not present, the value from application will be used. If this argument is empty or contains only spaces, default weakness policies will be used. -
--Vectors
The types of vectors considered potentially dangerous, separated by commas. For example,
Database,WebRequest
. If this argument is not present, the value from application will be used. If this argument is empty or contains only spaces, default vectors will be used. -
--AnalysisTarget
The relative path to the analysis target, such as a project file or a binary file, within the source code archive or directory. If this argument is not present, the value from application will be used. If this argument is empty or contains only spaces, analysis target will detected automatically.
-
--Repository
The repository connection string to pull the source code.
-
--Arguments
The scan arguments for this scan. If this argument is not present, the value from application will be used. If this argument is empty or contains only spaces, no scan argument will be set.
-
--Type
The scan analysis type.
0
is built-in static analysis (default) and1
is foreign analysis importation. -
--SkipValidation
False
(default) will perform rule package integrity check andTrue
will skip rule package integrity check.
Delete
Delete a scan.
.\SkyAnalyzer.Interface.Console.exe --Interface Scan --Method Delete [--Key] --ScanId
This method requires the Owner role of the application or the scan, or Write permission of the Scan API interface.
Examples
Delete the specified scan.
.\SkyAnalyzer.Interface.Console.exe --Interface Scan --Method Delete --ScanId $scanId
Required arguments
-
--ScanId
The GUID of the specified scan.
Optional arguments
-
--Key
The API key.
DownloadLogs
Download log files associated with a scan.
.\SkyAnalyzer.Interface.Console.exe --Interface Scan --Method DownloadLogs [--Key] --ScanId --LogsPath
This method requires the Member or Owner role of the application, or Read permission of the Scan API interface.
Examples
Download the log files of the specified scan to C:\Logs.zip.
.\SkyAnalyzer.Interface.Console.exe --Interface Scan --Method DownloadLogs --ScanId "55555555-5555-5555-5555-555555555555" --LogsPath "C:\Logs.zip"
Required arguments
-
--ScanId
The GUID of the specified scan.
-
--LogsPath
The path to save the log files. The path must have the extension .zip.
Optional arguments
-
--Key
The API key.
EndRemediate
Download the specified remediated source code of a completed scan, or the last remediated source code archive of a completed scan if none was specified.
.\SkyAnalyzer.Interface.Console.exe --Interface Scan --Method EndRemediate [--Key] --ScanId --RemediatedSourceCodePath [--Ticks]
This method requires the Member or Owner role of the application, or Read permission of the Scan API interface.
Examples
Download the remediated source code archive of the specified scan that is associated with the specified ticks to C:\RemediatedSource.zip.
.\SkyAnalyzer.Interface.Console.exe --Interface Scan --Method EndRemediate --ScanId "55555555-5555-5555-5555-555555555555" --RemediatedSourceCodePath "C:\RemediatedSource.zip" --Ticks "637449696000000000"
Required arguments
-
--ScanId
The GUID of the specified scan.
-
--RemediatedSourceCodePath
The path to save the remediated source code. The path must have the extension .zip.
Optional arguments
-
--Key
The API key.
-
--Ticks
The ticks associated with a remediated source code archive. If this argument is not present, the last remediated source code archive will be download.
EndReport
Download the specified report of a completed scan, or the last report of a completed scan if none was specified.
.\SkyAnalyzer.Interface.Console.exe --Interface Scan --Method EndReport [--Key] --ScanId --ReportPath --ReportFormat [--ReportLanguage] [--Ticks]
This method requires the Member or Owner role of the application, or Read permission of the Scan API interface.
Examples
Download the xml report of the specified scan that is associated with the specified ticks to C:\Report.zip:
.\SkyAnalyzer.Interface.Console.exe --Interface Scan --Method EndReport --ScanId "55555555-5555-5555-5555-555555555555" --ReportPath "C:\Report.zip" --ReportFormat "xml" --Ticks "637449696000000000"
Required arguments
-
--ScanId
The GUID of the specified scan.
-
--ReportFormat
The format, style, and verbosity of the report. Valid values are
html
,html,audit
,html,dark
,html,verbose
,html,audit,dark
,html,audit,verbose
,html,dark,verbose
,html,audit,dark,verbose
,pdf
,pdf,audit
,pdf,quality
,pdf,verbose
,pdf,audit,quality
,pdf,audit,verbose
,pdf,quality,verbose
,pdf,audit,quality,verbose
, andxml
. -
--ReportPath
The path to save the report. The path must have the extension .zip.
Optional arguments
-
--Key
The API key.
-
--ReportLanguage
The language of the report. Valid languages are
en
(default) andzh
. -
--Ticks
The ticks associated with a specific report. If this argument is not present, the last report of the specified or default language will be download.
GetRemediateStatus
Return the status of remediated source code generation. 0
if the generation is ongoing, 1
if the generation has completed, and 2
if the generation has failed.
.\SkyAnalyzer.Interface.Console.exe --Interface Scan --Method GetRemediateStatus [--Key] --ScanId --Ticks
This method requires the Member or Owner role of the application, or Read permission of the Scan API interface.
Examples
Get the status of the remediated source code archive of the specified scan that is associated with the specified ticks:
.\SkyAnalyzer.Interface.Console.exe --Interface Scan --Method GetRemediateStatus --ScanId "55555555-5555-5555-5555-555555555555" --Ticks "637449696000000000"
Required arguments
-
--ScanId
The GUID of the specified scan.
-
--Ticks
The ticks associated with a specific remediated source code archive.
Optional arguments
-
--Key
The API key.
GetReportStatus
Return the status of report generation. 0
if the generation is ongoing, 1
if the generation has completed, 2
if the generation has failed.
.\SkyAnalyzer.Interface.Console.exe --Interface Scan --Method GetReportStatus [--Key] --ScanId --Ticks --ReportFormat
This method requires the Member or Owner role of the application, or Read permission of the Scan API interface.
Examples
Get the status of the xml report of the specified scan that is associated with the specified ticks.
.\SkyAnalyzer.Interface.Console.exe --Interface Scan --Method GetReportStatus --ScanId "55555555-5555-5555-5555-555555555555" --Ticks "637449696000000000" --ReportFormat "xml"
Required arguments
-
--ScanId
The GUID of the specified scan.
-
--ReportFormat
The format, style, and verbosity of the report. Valid values are
html
,html,audit
,html,dark
,html,verbose
,html,audit,dark
,html,audit,verbose
,html,dark,verbose
,html,audit,dark,verbose
,pdf
,pdf,audit
,pdf,quality
,pdf,verbose
,pdf,audit,quality
,pdf,audit,verbose
,pdf,quality,verbose
,pdf,audit,quality,verbose
, andxml
. -
--Ticks
The ticks associated with a specific report.
Optional arguments
-
--Key
The API key.
GetResult
Return the result code of a completed scan. If the scan completed successfully, 0
is returned regardless if the scan has warnings; if the scan failed, the actual result code is returned.
.\SkyAnalyzer.Interface.Console.exe --Interface Scan --Method GetResult [--Key] --ScanId
This method requires the Member or Owner role of the application, or Read permission of the Scan API interface.
Examples
Get the result code of the specified scan.
.\SkyAnalyzer.Interface.Console.exe --Interface Scan --Method GetResult --ScanId $scanId
Required arguments
-
--ScanId
The GUID of the specified scan.
Optional arguments
-
--Key
The API key.
GetStage
Internal: Return the stage and progress of an ongoing scan.
GetStatus
Return the status of a scan. True
if the scan has completed (even if the scan has failed) and False
if the scan is ongoing.
.\SkyAnalyzer.Interface.Console.exe --Interface Scan --Method GetStatus [--Key] --ScanId
This method requires the Member or Owner role of the application, or Read permission of the Scan API interface.
Examples
Get the status of the specified scan.
.\SkyAnalyzer.Interface.Console.exe --Interface Scan --Method GetStatus --ScanId $scanId
Required arguments
-
--ScanId
The GUID of the specified scan.
Optional arguments
-
--Key
The API key.
Import
Upload the source code and foreign report file and start the scan. This is a synchronous method and will not return until the scan is completed.
.\SkyAnalyzer.Interface.Console.exe --Interface Scan --Method Import [--Key] --ScanId --ForeignReportPath --SourceCodePath
This method requires the Member or Owner role of the application, or Read permission of the Scan API interface. It also requires membership of the built-in Users group.
Examples
Upload the foreign report file at C:\Report.xml and the source code archive at C:\Source.zip to the specified scan and start the scan.
.\SkyAnalyzer.Interface.Console.exe --Interface Scan --Method Import --ScanId "55555555-5555-5555-5555-555555555555" --ForeignReportPath "C:\Report.xml" --SourceCodePath "C:\Source.zip"
Required arguments
-
--ScanId
The GUID of the specified scan.
-
--ForeignReportPath
The path to the foreign report file to be imported. The path must have one of the following extension: .fpr, .txt, or .xml.
-
--SourceCodePath
The path to the source code archive or directory to be analyzed. For source code archives, the path must have one of the following extension: .7z, .jar, .war, or .zip.
Optional arguments
-
--Key
The API key.
Purge
Delete scans created before a specified date and time.
.\SkyAnalyzer.Interface.Console.exe --Interface Scan --Method Purge [--Key] --PurgeThreshold [--CascadePurge]
This method requires Execute and Read permissions to the Scan API interface.
Examples
Purge scans created before June 15, 2019 1:45:30 PM (UTC).
.\SkyAnalyzer.Interface.Console.exe --Interface Scan --Method Purge --PurgeThreshold "2019-06-15T13:45:30"
Required arguments
-
--PurgeThreshold
The date and time threshold, in UTC, to purge or archive scans. The threshold must be at least 168 hours earlier than the current time. Scans started before the threshold will be deleted, unless they are in progress or in queue. Applications with no scan after the purge will also be deleted, unless the
CascadePurge
argument is set toFalse
. The date and time format must conform with .NET Standard Date and Time Format Strings, such as 2009-06-15T13:45:30.
Optional arguments
-
--Key
The API key.
-
--CascadePurge
True
(default) will delete applications with no scan after the purge andFalse
will keep applications with no scan after the purge.
Remediate
Generate remediated source code of a completed scan and download it when generation is completed. This is a synchronous method and will not return until the generation is completed.
$ticks = .\SkyAnalyzer.Interface.Console.exe --Interface Scan --Method Remediate [--Key] --ScanId --RemediatedSourceCodePath [--RemediationOption]
This method requires the Member or Owner role of the application, or Read permission of the Scan API interface.
Examples
Generate the remediated source code archive of the specified scan, including remediation information and original source code in the remediated source code, and download it to C:\RemediatedSource.zip.
$ticks = .\SkyAnalyzer.Interface.Console.exe --Interface Scan --Method Remediate --ScanId "55555555-5555-5555-5555-555555555555" --RemediationOption 3 --RemediatedSourceCodePath "C:\RemediatedSource.zip"
Required arguments
-
--ScanId
The GUID of the specified scan.
-
--RemediatedSourceCodePath
The path to save the remediated source code. The path must have the extension .zip.
Optional arguments
-
--Key
The API key.
-
--RemediationOption
Use this argument to control how the remediated source code is generated. This argument is a bit field (a set of flags).
1
indicates that remediation information should be included as comments,2
indicates that the original source code should be included as comments,4
indicates that a diff file should be generated, and8
indicates that only modified files should be included. For example, whenRemediationOption
is set to5
, the remediated source code will include remediation information as comments and include the diff file. If this argument is not present,0
will be used (does not include any of the above).
Report
Generate the report of a completed scan and download it when generation is completed. This is a synchronous method and will not return until the generation is completed.
.\SkyAnalyzer.Interface.Console.exe --Interface Scan --Method Report --ScanId --ReportFormat --ReportPath [--ReportLanguage`]
This method requires the Member or Owner role of the application, or Read permission of the Scan API interface.
Examples
Generate the report in html format of the specified scan and download it to C:\Report.zip:
.\SkyAnalyzer.Interface.Console.exe --Interface Scan --Method Report --ScanId "55555555-5555-5555-5555-555555555555" --ReportFormat "html" --ReportPath "C:\Report.zip"
Required arguments
-
--ScanId
The GUID of the specified scan.
-
--ReportFormat
The format, style, and verbosity of the report. Valid values are
html
,html,audit
,html,dark
,html,verbose
,html,audit,dark
,html,audit,verbose
,html,dark,verbose
,html,audit,dark,verbose
,pdf
,pdf,audit
,pdf,quality
,pdf,verbose
,pdf,audit,quality
,pdf,audit,verbose
,pdf,quality,verbose
,pdf,audit,quality,verbose
, andxml
. -
--ReportPath
The path to save the report. The path must have the extension .zip.
Optional arguments
-
--Key
The API key.
-
--ReportLanguage
The language of the report. Valid languages are
en
(default) andzh
.
Tools
The Tools
interface has the following methods: Base64Encode
and DetectFrameworks
.
Base64Encode
Generate the base64-encoded value of a user object.
.\SkyAnalyzer.Interface.Console.exe --Interface Tools --Method Base64Encode --Value
This method does not require authentication.
Examples
Generate the base64-encoded string of a user object of the built-in account [email protected] with the password password and save it to the variable $userObject.
$userObject = .\SkyAnalyzer.Interface.Console.exe --Interface Tools --Method Base64Encode --Value "[email protected] password Sql"
Required arguments
-
--Value
The format is Email Password AccountType. Use
Sql
asAccountType
for built-in accounts;ActiveDirectory
for organizational accounts.
DetectFrameworks
Internal: Detect the application frameworks of the specified directory.
User
The Tools
interface has the following methods: Authenticate
, Create
, Delete
, Edit
, GetEncodedList
, GetList
, Migrate
, and SetPassword
.
Authenticate
Internal: Validate if the user credentials are valid.
Create
Create a new user.
.\SkyAnalyzer.Interface.Console.exe --Interface User --Method Create [--Key] --Email --Provider [--Password]
This method requires Write permission to the User API interface.
Examples
Create a new local user [email protected] with password password.
.\SkyAnalyzer.Interface.Console.exe --Interface User --Method Create --Provider "Sql" --Email "[email protected]" --Password "password"
Create a new organizational user [email protected].
.\SkyAnalyzer.Interface.Console.exe --Interface User --Method Create --Provider "ActiveDirectory" --Email "[email protected]"
Required arguments
-
--Email
The email of the user.
-
--Provider
The membership provider of the user. Valid providers are
ActiveDirectory
andSql
.
Optional arguments
-
--Key
The API key.
-
--Password
The password of the user. This argument is required when using the SQL membership provider and is ignored when using the Active Directory membership provider.
Delete
Delete a user.
.\SkyAnalyzer.Interface.Console.exe --Interface User --Method Delete [--Key] --UserId
This method requires Write permission to the User API interface.
Examples
Delete the specified user.
.\SkyAnalyzer.Interface.Console.exe --Interface User --Method Delete --UserId "01010101-0101-0011-0100-010101010010"
Required arguments
-
--UserId
GUID of the specified user.
Optional arguments
-
--Key
The API key.
Edit
Edit a user.
.\SkyAnalyzer.Interface.Console.exe --Interface User --Method Edit --UserId --Groups
This method requires Write and Read permissions to the User API interface.
Examples
Update the specified user to have membership of groups 0A0A0A0A-0A0A-00AA-0A00-0A0A0A0A00A0 and 0B0B0B0B-0B0B-00BB-0B00-0B0B0B0B00B0.
.\SkyAnalyzer.Interface.Console.exe --Interface User --Method Edit --UserId "01010101-0101-0011-0100-010101010010" --Groups "0A0A0A0A-0A0A-00AA-0A00-0A0A0A0A00A0,0B0B0B0B-0B0B-00BB-0B00-0B0B0B0B00B0"
Required arguments
-
--UserId
GUID of the specified user.
Optional arguments
-
--Key
The API key.
GetEncodedList
Internal: Return a list of all users.
GetList
Return a list of all users.
.\SkyAnalyzer.Interface.Console.exe --Interface User --Method GetList [--Key]
This method requires authentication and does not require specific permission.
Examples
Get a list of all users.
.\SkyAnalyzer.Interface.Console.exe --Interface User --Method GetList
Optional arguments
-
--Key
The API key.
Migrate
Migrate the data of one user to another user.
.\SkyAnalyzer.Interface.Console.exe --Interface User --Method Migrate [--Key] --UserId --Value
This method requires Write and Read permissions to the User API interface.
Examples
Migrate the data of user 01010101-0101-0011-0100-010101010010 to destination user 02020202-0202-0022-0200-020202020020.
.\SkyAnalyzer.Interface.Console.exe --Interface User --Method Migrate --UserId "01010101-0101-0011-0100-010101010010" --Value "02020202-0202-0022-0200-020202020020"
Required arguments
-
--UserId
GUID of the source user.
-
--Value
GUID of the destination user.
Optional arguments
-
--Key
The API key.
SetPassword
Set the password of a user.
.\SkyAnalyzer.Interface.Console.exe --Interface User --Method SetPassword [--Key] --UserId --Password
This method requires Write permission to the User API interface.
Examples
Set the password for user with user ID 01010101-0101-0011-0100-010101010010 to password.
.\SkyAnalyzer.Interface.Console.exe --Interface User --Method SetPassword --UserId "01010101-0101-0011-0100-010101010010" --Password "password"
Required arguments
-
--UserId
GUID of the specified user.
-
--Password
Password of the user.
Optional arguments
-
--Key
The API key.
Appendix
Verbs
Lucent SKy AVM CLI supports the use of verbs instead of interfaces and methods. Combine the Interface
and Method
arguments with a space in between to use as a verb. As with the names of interfaces and methods, verbs are case-insensitive.
When using a verb, it must be the first argument.
Example
$applicationId = New-Guid
# Replace <ApplicationName> with a descriptive name of the application
$applicationName = "<ApplicationName>"
# Replace <Framework> with the framework of the application
$framework = "<Framework>"
.\SkyAnalyzer.Interface.Console.exe application create --Name $applicationName --Framework $framework --ApplicationId $applicationId
Environment variables
Lucent Sky AVM CLI supports the following environment variables:
-
--CLEAR_API_KEY
The API key. If both the
Key
argument and theCLEAR_API_KEY
environment variable are present, the value of theKey
argument will be used.
Example
Set the CLEAR_API_KEY
to the value of an API key, then get the list of all applications.
$env:CLEAR_API_KEY = "lsDZG9X9PlkuK+bv+tJFpg8tUS4ISbWTi4+kQKm7Wh0="
.\SkyAnalyzer.Interface.Console.exe --Interface Application --Method GetList
Log in using credentials
Log in using user credentials has been deprecated in favor of using API keys. To log in using user credentials, omit the Key
argument and set the Credential
argument to the Base64-encoded user object.
Examples
Create an user object of the local user [email protected] with password password and get the list of all applications.
$userObject = .\SkyAnalyzer.Interface.Console.exe --Interface Tools --Method Base64Encode --Value "[email protected] password Sql"
.\SkyAnalyzer.Interface.Console.exe --Interface Application --Method GetList --Credential $userObject
Resolve common issues using CLI exit code
After calling a method in CLI, the process will return an exit code. The default exit code 0 will be returned if the process has completed successfully. Refer to the table below for a list of all exit codes, their causes and solutions.
0
- The process has completed successfully.-11
- User authentication failed. (AUTHENTICATION_FAILED)-12
- User authorization failed. (AUTHORIZATION_FAILED)-100
- The license has expired, has no remaining scans, or is invalid. (INVALID_LICENSE)-111
- The number of applications has reached the limit of the license. (PROJECT_LIMIT_REACHED)-112
- The number of users has reached the limit of the license. (USER_LIMIT_REACHED)-121
- The specified framework is not available. (INVALID_FRAMEWORK)-122
- The specified report format is not available. (INVALID_REPORT_FORMAT)-123
- The specified remediation option is not available. (INVALID_MITIGATION_OPTION)-201
- The API model is null. (NULL_API_MODEL)-202
- The API model is invalid. (INVALID_API_MODEL)-203
- The input is invalid. (INVALID_INPUT)-301
- The storage is offline. (OFFLINE)-302
- The storage functional level is incompatible. (FUNCTIONAL_LEVEL)-20000
- An unexpected error occurred.-20004
- Network error. Verify the network status or try again later.-20005
- Operation timeout. Verify the network status or try again later.-20006
- Communication error. Verify the network status or try again later.20011
- The synchronized method has timed-out, but has started successfully.20021
- The method completed successfully, but is no longer applicable to the scan.-20100
- One or more arguments is invalid.-20101
- 'Interface' is missing or invalid.-20102
- 'Method' is missing or invalid.-20103
- One or more arguments for this method is missing.-20105
- Authentication or authorization failed.-20106
- 'Value' is invalid.-20201
- 'Framework' is invalid.-20203
- 'Repository' is invalid.-20206
- 'Vectors' is invalid.-20208
- 'RulePackageId' is not present.-20209
- 'RuntimeId' is not present or is incompatible to the framework of the application.-20211
- 'Filter' is invalid.-20301
- 'Type' is invalid.-20302
- 'SourceCodePath' is not a valid path or the specified file or directory does not exist.-20303
- 'SourceCodePath' is in an unsupported format.-20304
- 'ForeignReportPath' is not a valid file path or the specified file does not exist.-20305
- 'ForeignReportPath' is in an unsupported format.-20306
- 'RemediatedSourceCodePath' must have a zip extension.-20307
- 'RemediationOption' is invalid.-20308
- 'Ticks' is invalid.-20309
- 'ReportFormat' is invalid.-20310
- 'ReportPath' must have a zip extension.-20311
- 'ReportLanguage' is invalid.-20312
- 'PurgeThreshold' is invalid.-20313
- 'LogsPath' must have a zip extension.-20401
- 'AplPath' must have a zip extension.-20403
- 'LogsDate' is invalid.-20404
- 'Groups' is invalid.-20405
- 'Members' is invalid.-20406
- 'Permissions' is invalid.-21000
- The 'ScanId' is invalid for this action.-21001
- Failed to set password.-21101
- The 'ReportProjectRoot' scan argument is not present in 'Arguments'.-21102
- Failed to download the file. The file size cannot exceed 2 GB.-21103
- The specified scan does not have any generated remediated source code.-21104
- The remediated source code is still being generated.-21105
- Failed to generate remediated source code.-21106
- An I/O error occurred. Try again later.-21107
- The specified scan does not have a generated report.-21108
- The report is still being generated.-21109
- Failed to generate report.-21110
- The specified framework is invalid for this type of foreign report.-21200
- The 'ApplicationId' is invalid for this action.-22001
- The specified data source does not exist or is not supported.-22002
- The query is not supported or invalid.-22003
- An error occurred while processing the query.-22101
- An error occurred while detecting frameworks.-23001
- An error occurred while starting autopilot.-23002
- Failed to detect the frameworks of the application.-1200001
- This method is only available after the scan has completely successfully. (ACTION_NOT_AVAILABLE)-1200002
- The scan has an analysis or importation that is in-progress or completed. (SCAN_ALREADY_EXECUTED)-1200011
- The specified scan id or ticks is invalid. (INVALID_INPUT_COMBINATION)-1200012
- This method is not available for the type of the scan. (INVALID_TYPE)1200013
- No log is available for the specified scan. (LOG_FILE_NOT_EXIST)-1200014
- The specified threshold is invalid. (INVALID_THRESHOLD)-1300001
- This method is only available after the scan has completely successfully. (ACTION_NOT_AVAILABLE)-1400011
- An unspecified error occurred while extracting the archive file. (ARCHIVE_UNSPECIFIED_ERROR)-1400012
- The archive file is in an unsupported format. (ARCHIVE_NOT_SUPPORTED)-1400013
- An IO exception occurred while extracting the archive file. (ARCHIVE_IO_EXCEPTION)-1400014
- The archive file is corrupted. (ARCHIVE_INVALID_DATA)-1400015
- The path length of some entries in the archive exceeds the limit of the file system. (ARCHIVE_PATH_TOO_LONG)-1400017
- The scan configuration file is invalid. (ARCHIVE_INVALID_CONFIG_FILE)-1400121
- The action is not available. (ACTION_NOT_AVAILABLE)-1400122
- The uploaded report file is invalid. (INVALID_FOREIGN_REPORT)-1400131
- The repository connection string is invalid. (REPOSITORY_INVALID_CONNECTION_STRING)-1400132
- A connection error occurred when connecting to the repository. (REPOSITORY_CONNECTION_ERROR)-1400133
- An authentication or authorization error occurred when connecting to the repository. (REPOSITORY_AUTHENTICATION_ERROR)-1400139
- A generic error occurred when connecting to the repository. (REPOSITORY_GENERIC_ERROR)-1400151
- The uploaded rule package is invalid. (INVALID_RULE_PACK)-1400152
- Identification rules in the rule package are invalid. (INVALID_IDENTIFICATION_RULES)-1400153
- Identification source code rules in the rule package are invalid. (INVALID_IDENTIFICATION_SOURCE_CODE_RULES)-1400154
- Remediation rules in the rule packages are invalid. (INVALID_REMEDIATION_RULES)-1400155
- Suppression rules in the rule packages are invalid. (INVALID_SUPPRESSION_RULES)-1400156
- The rule package contains files with invalid names. (INVALID_FILE_NAME)-1400161
- The uploaded runtime is invalid. (INVALID_RUNTIME)-1400411
- The signature is invalid. (INVALID_SIGNATURE)-1700011
- The email already exists. (DUPLICATE_EMAIL)-1700012
- The email is invalid. (INVALID_EMAIL)-1700013
- The password is invalid. (INVALID_PASSWORD)-1700014
- The user does not exist in the Active Directory. (PROVIDER_ERROR)-1700021
- A generic error occurred. (GENERIC_ERROR)-1700031
- The user is invalid. (INVALID_USER)-3100001
- The specified scan arguments are invalid. (INVALID_SCAN_ARGUMENTS)-3100015
- The specified weakness policies are invalid. (INVALID_WEAKNESS_POLICIES)-3200001
- The query statement is invalid. (INVALID_QUERY_STATEMENT)-4100021
- Lucent Sky AVM Server setup program is missing. Contact your system administrator. (SETUP_NOT_FOUND)-4100031
- An unspecified error occurred during activation. Contact Lucent Sky support. (UNSPECIFIED_ACTIVATION_ERROR)-4100032
- The product key is not well-formed. (MALFORMED_PRODUCT_KEY)-4100033
- The license file is invalid. (INVALID_LICENSE_FILE)-4100034
- An error occurred while communicating with the activation server. Try again later or use offline activation. (ACTIVATION_SERVER_ERROR)-4100035
- The product key has expired or exceeded its activation limit. (EXPIRED_PRODUCT_KEY)-4100036
- The serial number in the license file does not match the serial number of this instance. (SERIAL_NUMBER_MISMATCH)-4100037
- An error occurred while setting up this instance as a node. (NODE_SETUP_ERROR)-4100038
- An error occurred while converting between editions. (CONVERSION_ERROR)-4100039
- An error occurred while initializing supplementary license store. (SUPPLEMENT_LICENSE_STORE_ERROR)4100041
- No log is available for the specified date range. (LOG_FILE_NOT_EXIST)4100042
- Restart CLEAR Engine to complete the maintenance. (RESTART_REQUIRED)-4100043
- There is one or more scans in progress. (SCAN_IN_PROGRESS)-9999960
- An I/O error occurred. (IO_ERROR)-9999970
- A data error occurred. (DATA_ERROR)-9999980
- A system error occurred. (SYSTEM_ERROR)-9999990
- An unexpected error occurred. (ERROR)