AppScan® Source command line interface (CLI) command summary

The following table lists CLI commands, a description of each command, and whether login is required.
Note: Some commands are not supported when AppScan® Enterprise Server is used as the datastore on AppScan® Source version 10.0.2 or later. See individual command details for complete information.
Table 1. CLI commands
Command and abbreviation Description Login required
about (a)

Display the AppScan® Source Command Line Interface version and copyright information.

appscandelta (delta)

Performs a diff between two scan assessments. The CLI fetches the new findings or the resolved findings by comparing the scan assessment with the baseline assessment.

Yes
clearcache (cc)

Remove the vulnerability analysis cache and custom rules signature data. After opening an application using the openapplication (oa) command, you can clear its cache by issuing clearcache.

delete (del)

Deletes a child object from the current object.

Yes
deleteassess (da)

This command has been renamed. See removeassess (da).

deleteuser (du)
Delete a user from the AppScan® Source database.
Note: This command is not supported when AppScan® Enterprise Server is used as the datastore on AppScan® Source version 10.02 or later.
Yes
delvar (dv)

Delete a single variable.

Yes
details (det)

List the assessment details for the current object.

Yes
echo

Echoes all input and output to the screen.

export (expt)

Exports scan findings to a file of specified type. Available export output formats are CSV and SARIF.

Yes
getaseinfo (gase)

Print AppScan® Enterprise Server settings.

Yes
help (?)

Lists help for all commands or a single command.

import (im)

Use the import command to add projects (such as .ppf) to an existing application.

Yes
info (i)

Lists information about the current object's properties and values.

Yes
list (ls, dir)

List all objects under the current object in the object tree. The tree displays as a graphical representation of the object ID, name, and type.

Yes
listassess (la)

List the object ID and assessment date/time for the current object in the object tree. Use listassess to obtain an ID for use with the details command.

Yes
listgroups (lgrp)
Lists all of the groups, their permissions, and a description of each.
Note: This command is not supported when AppScan® Enterprise Server is used as the datastore on AppScan® Source version 10.02 or later.
Yes
listusers (lu)

Lists all AppScan® Source users.

Yes
log

Switch message logging on or off.

login (in)

Log in to the AppScan® Enterprise Server (replaces login_local (local)).

login_file

Log in to the AppScan® Enterprise Server using a token file (token files are created using the -persist option with the CLI login (in) command or when creating the AppScan® Source for Automation user).

logout (out)

Log out of AppScan® Source and terminate the command line interface AppScan® Source command line interface (CLI) session.

Yes
moduser (mu)
Modify user information such as permissions, user ID, and name for an AppScan® Source user.
Note: This command is not supported when AppScan® Enterprise Server is used as the datastore on AppScan® Source version 10.02 or later.
Yes
newuser (nu)

Create a new AppScan® Source user (a valid user name, password, and full name are required). AppScan® Source users can exist in the AppScan® Enterprise Server user repository and in the AppScan® Source database - or, if you have cause to have users that cannot access the server, they can be created locally as AppScan® Source users. You can also create a new AppScan® Source user that already exists on the AppScan® Enterprise Server.

Yes
openapplication (oa)

This command can be used to open an existing application - or to create a new AppScan® Source application file.

Yes
openassessmentfile (oaf)

Opens an AppScan® Source assessment file (file_name.ozasmt).

Yes
openfolder (of)

This command can be used to open an existing folder for scanning and set it as the current working directory of the CLI session/environment.

password (passwd)

The password command allows you to change your password or, if you have administrator permissions, to change another user's password.

Yes
printuser (pu)
The printuser (pu) command displays information about a single user on the screen.
Note: This command is not supported when AppScan® Enterprise Server is used as the datastore on AppScan® Source version 10.02 or later.
Yes
publishassess (pa)

Publish the current assessment or a selected assessment. When this command is used, the assessment is made available to an AppScan® Source client such as AppScan® Source for Analysis - but it is not made available to the AppScan® Enterprise Console (use the publishassessase (pase) command to publish to the AppScan® Enterprise Console).

Yes
publishassessase (pase)

Publish the current assessment or a selected assessment to the AppScan® Enterprise Console. When this command is used, the assessment is not available to AppScan® Source clients such as AppScan® Source for Analysis (use the publishassess (pa) command to publish to AppScan® Source clients).

Yes
quit

Ends and closes the AppScan® Source command line interface session. Issues a logout if you are logged in.

record (rc)

Turns command recording on or off.

refresh (rf)

Refresh restores the current project or application from disk.

Yes
register (reg)

Register projects and applications with the AppScan® Source database.

Yes
removeassess (da)

Remove the selected or current assessment from memory.

Yes
report (rpt)

Report generates an AppScan® Source report of the specified type, including findings reports and AppScan® Source reports. A valid AppScan® Source for Automation license is required for use of this command.

Yes
scan (sc)

Scans an application (or all applications), project, folder, or file. A valid AppScan® Source for Automation license is required for use of this command.

Yes
script (scr)

Run a script of commands.

setaseinfo (sase)

Specify Enterprise Console settings.

Yes
setcurrentobject (set, cd)

Use setcurrentobject to navigate the object tree.

Yes
setvar (sv)

Creates a new variable or modifies an existing variable.

Yes
unregister (unreg)

This command is used to unregister a previously registered application or project from the current node.

Yes

The following commands have been removed from the CLI or deprecated:

  • add: Deprecated. Do not use.
  • listproducts (lprod): Deprecated. Do not use.
  • liststopobject (lstop): Deprecated. Do not use.
  • login_admin: Removed. Do not use.
  • login_local (local): Deprecated. Use login (in).
  • new: Deprecated. Use openapplication (oa).
  • reset (r): Removed. Do not use.
  • runassess (ra): Deprecated. Use scan (sc).

openfolder (of)

Description

This command can be used to open an existing folder for scanning and set it as the current working directory of the CLI session/environment.

Folder scanning considers all languages supported by AppScan® Source and scans all related files.

Note: The openfolder command is available only through the AppScan® Source Command Line Interface client (CLI). The command is not supported by other AppScan® Source clients, including AppScan® Source for Automation.
Note: The openfolder command is not supported when AppScan® Source is configured with a database (SolidDB or Oracle.

Syntax

openfolder folder_path
folder: Required. The path of an existing folder to scan.

Example

To open a folder for scanning:
AllApplications>> openfolder /workspace/SimpleIOT
or
AllApplications>> openfolder C:\workspace\SimpleIOT