Capturing and Importing Traffic Data

Traffic Data Capturing Methods

AppScan Enterprise supports traffic or login sequence data captured using tools listed in the following table.

Traffic record Tools Output File Format Reference Topic
AppScan Proxy Server *.dast.config or *.har Test Automation in AppScan Enterprise Using AppScan Proxy Server
AppScan Activity Recorder (Chrome browser extension) seq_*.dast.config Capturing Traffic and Actions using AppScan Activity Recorder
Manual Explore *.htd Manual Explore
AppScan Standard *.exd or *.login

Importing Traffic Data File to Scan Jobs

A traffic record tools (Manual Explorer, AppScan Proxy Server, AppScan Activity Recorder etc) generates traffic data file related to a login activity or applications exploring activity data, which are referred as, Login sequence file and the application explore data file, respectively. These files can be imported to scan jobs in AppScan Enterprise.

Importing Login sequence file through UI

To an ADAC scan jobs:

  1. In the Scans view, edit an ADAC scan job to which the login sequence file to be imported.

    The AppScan Dynamic Analysis Client dialog box appears.

  2. Click Login Management. The Login Management page appears.
  3. Click Recorded and then click Import to browse and select the login sequence file saved in the file system.
  4. Select a scan job to which you want to import the traffic data file. The file importing process depending on whether it’s a scan job created through ADAC or content scan jobs.
  5. The file is uploaded to the respective scan job and ready for analysis.

To a content scan jobs:

  1. In the Scans view, edit a content scan job to which the login sequence file to be imported. The scan edit page appears.
  2. Under Explore menu, click Login Management.
  3. On the Login Method page, click Recorded (Recommended). The Record Login Sequence page is displayed.
  4. Click Import login sequence file to browse and select the login sequence file saved in the file system.
Importing Login Sequence file to scan through REST API

To an ADAC scan jobs:

  1. Use the API /jobs/{jobId}/dastconfig/updatetraffic/ to import the recorded login data to an ADAC scan job.
  2. Enter action parameter as login.

    For more information on this API, refer to the Swagger documentation provided with Appscan Enterprise.

To a content scan job:

Use the API /services/folderitems/<fiid>/recordedlogindata to import the recorded login data to a content scan job.

For more information on this API, refer Upload Recorded login data topic on knowledge center.

Importing Manual Explore(Traffic) data file through UI
  1. In the Scans view, edit an ADAC scan job to which the traffic file to be imported.

    The AppScan Dynamic Analysis Client dialog box appears.

  2. Click Manual Explorer.
  3. Click Import to browse and select the traffic file saved in the file system.

To a content scan jobs:

  1. In the Scans view, edit a content scan job to which the traffic file to be imported. The scan edit page appears.
  2. Under Explore menu, click What to Scan.
  3. On the What to Scan page, click Manual Explore.
  4. Click Add.
  5. Click Browse to select a traffic file saved in the file system.
Importing Manual Explore (traffic) data file to scan through REST API

To an ADAC scan jobs:

Use the API /jobs/{jobId}/dastconfig/updatetraffic/ to import the traffic file to a ADAC scan job.

Note: The size of the traffic file should not exceed 200 MB.

For more information on this API, refer to the API documentation provided with the Appscan Enterprise.

To a content scan jobs:

Use the API /services/folderitems/<fiid>/httptrafficdata to import the manual explore data to a content scan job.

Note: The size of the traffic file should not exceed 20 MB.

For more information on this API, refer Upload Manual Explore data topic on knowledge center.