在评估文件中包括已排除的发现结果
缺省情况下,采用了 Intelligent Findings Analytics (IFA) 的扫描将在评估文件 (ozasmt) 中包括已被排除的发现结果。可以使用 scan.ozsettings 文件中的 include_excluded_findings
属性控制此行为。
当扫描程序导致生成含许多已排除的发现结果的极大型评估文件时,处理此属性非常有用。
要在评估文件中包括已排除的发现结果,请执行以下操作:
- 在 scan.ozsettings 的 {source-data-directory}/config 部分中,找到
include_excluded_findings
属性并验证其值是否为"true"
:<Setting name="include_excluded_findings" read_only="false" default_value="true" description="Option to include findings excluded due to IFA into the assessment." type="bool" value="true" display_name="Include IFA excluded findings" hidden="true" />
"True"
是include_excluded_findings
的缺省值。
要从评估文件中排除已排除的发现结果,请执行以下操作:
- 在 scan.ozsettings 的 {source-data-directory}/config 部分中,找到
include_excluded_findings
属性并将其值更改为"false"
。
包括已排除的发现结果的评估文件样例:
<AssessmentStats class_total="0" date="" duration="0" error_status="0" language_type="17" line_total="1919" max_vdensity="1058.363731" max_vkloc="17.196456" method_total="0" total_call_sites="0" total_call_sites_informational="0" total_call_sites_not_vulnerable="0" total_excluded_findings="166" total_files="25" total_findings="33" total_high_finding="19" total_high_high_finding="0" total_high_low_finding="0" total_high_med_finding="19" total_low_finding="2" total_low_high_finding="1" total_low_low_finding="0" total_low_med_finding="1" total_med_finding="12" total_med_high_finding="0" total_med_low_finding="0" total_med_med_finding="12" vdensity="1058.363731" vkloc="17.196456">
<VulnType name="Malicious" total_high_finding="1" total_low_finding="0" total_med_finding="0"/>
<VulnType name="Vulnerability.ErrorHandling.RevealDetails.Message" total_high_finding="0" total_low_finding="0" total_med_finding="1"/>
<VulnType name="Vulnerability.Validation.EncodingRequired" total_high_finding="0" total_low_finding="0" total_med_finding="30"/>
<VulnType name="Vulnerability.Validation.Required" total_high_finding="0" total_low_finding="0" total_med_finding="1"/>
</AssessmentStats>
请注意 total_excluded_findings="166"
。如果 include_excluded_findings
设置为 "false"
,那么 total_excluded_findings
的值将是 "0"
。注:
include_excluded_findings
属性仅在 use_ifa="true"
时有效。