Scan Log messages

This section includes explanations of Scan Log messages (View > Scan Log).

All Scan Log messages are documented in this section. When relevant, explanations and possible user actions are included.
Number Message Explanation Possible user action
CRWAD0201I Scan created A new scan has been created. Any previous open scan data has been discarded. n/a
CRWAD0202I Starting Explore Starting the Explore stage of the scan. n/a
CRWAD0203I Crawling Crawling the application as part of the Explore stage. n/a
CRWAD0204I Analyzing Explore results Analyzing Explore results to create the tests for the Test stage of the scan. n/a
CRWAD0205I Starting Test Starting the Test stage of the scan n/a
CRWAD0206I Sending Starting URLs Sending the Starting URL, and any multi-step operations that were recorded. n/a
CRWAD0214I Starting Manual Explore n/a n/a
CRWAD0215I Multiphase scanning: Starting phase <#> n/a n/a
CRWAD0216I Scan stopped; scan duration: <time> n/a n/a
CRWAD0217I Explore and Test data cleared n/a n/a
CRWAD0218I Test data cleared n/a n/a
CRWAD0219I Time limit reached. Stopping scan... The time limit set for Scan Expert's Explore stage was reached, so it was stopped and Scan Expert proceeded to the evaluation stage. (If AppScan® is configured to apply changes automatically and then proceed to the main scan, it will do so. "Stopping scan" refers only to Scan Expert's Explore stage.) To change the time limit go to Scan Configuration > Scan Expert.
CRWAD0224I Scan was configured as an incremental scan [with/without] retest Indicates whether the Incremental scan is configured to test only new parts of the application, or also to retest for issues that were found in the base scxan. This setting is confugured in Incremental scan wizard > Options
CRWAD0301I Visited URL: <URL> n/a n/a
CRWAD0303I Skipping URL (due to extension): <URL> The scan is configured to exclude files with this extension, so this URL is being skipped. This can be changed in Configuration > Exclude Paths and Files.
CRWAD0304I Skipping URL (due to exclusion): <URL> The scan is configured to exclude this URL. This can be changed in Configuration > Exclude Paths and Files.
CRWAD0305I Skipping URL (host not included in scan): <URL> The scan is not configured to include this host. This can be changed in Configuration > URL and Servers.
CRWAD0306I Skipping URL (path limit exceeded): <URL> Maximum number of paths to explore has been reached. Path limit can be changed in Configuration > Explore Options.
CRWAD0307I Skipping URL (depth limit exceeded): <URL> Depth limit for the scan has been reached. Depth limit can be changed in Configuration > Explore Options.
CRWAD0308I Skipping URL (link limit exceeded): <URL> Link limit for the scan has been reached. Link limit can be changed in Configuration > Explore Options.
CRWAD0309I Created test <ID> <Issue Type Name> for URL: <URL> <param> n/a n/a
CRWAD0310I Skipping URL (Similar DOM was already scanned): <URL> n/a n/a
CRWAD0311I Skipping URL (DOM probably similar to one already scanned): <URL> n/a n/a
CRWAD0312I No decoding service was found for the domain: <Host> n/a n/a
CRWAD0313I A WebSphere Portal decoding service URL <URL> was located. n/a n/a
CRWAD0401I Login request detected: <URL> n/a n/a
CRWAD0402I Logout request detected: <URL> n/a n/a
CRWAD0403I Session Identifier detected; name = <name>; value = <value> n/a n/a
CRWAD0404I Session Identifier value refreshed; name = <name>; value = <value> n/a n/a
CRWAD0405I Session expired n/a n/a
CRWAD0406I Performing login n/a n/a
CRWAD0407I In-session pattern not detected n/a n/a
CRWAD0408I Operation timed out n/a n/a
CRWAD0409I Communication error n/a n/a
CRWAD0410I Unnecessary request removed: <URL> n/a n/a
CRWAD0412I Parameter [name] should be tracked in login, but is predefined as untracked. The specified parameter occurs in the login sequence, and AppScan® wanted to add it to the list of parameters and cookies (Scan Configuration > Parameters and Cookies) and set it to "Tracked" (to track it during the scan). However it is already listed, and is configured as "Do not track", so AppScan® has not changed its configuration. You may want to manually change the status of this parameter to "Tracked".
CRWAD0413I Cookie [name] should be tracked in login, but is predefined as untracked. The specified cookie occurs in the login sequence, and AppScan® wanted to add it to the list of parameters and cookies (Scan Configuration > Parameters and Cookies) and set it to "Tracked" (to track it during the scan). However it is already listed, and is configured as "Do not track", so AppScan® has not changed its configuration. You may want to manually change the status of this cookie to "Tracked".
CRWAD0414I New tracked parameter [name] added: The specified parameter has been added to the list of parameters and cookies (Scan Configuration > Parameters and Cookies), and defined as "Tracked", so it will be tracked during scanning. n/a
CRWAD0415I New tracked cookie [name] added: The specified cookie has been added to the list of parameters and cookies (Scan Configuration > Parameters and Cookies), and defined as "Tracked", so it will be tracked during scanning. n/a
CRWAD0416I In-Session Detection format set to: [pattern format] The format for the pattern which AppScan® searches for to verify that it is in-session (see Scan Configuration > Login Management > Details), has been changed. n/a
CRWAD0417I In-Session Detection pattern set to: [pattern] n/a n/a
CRWAD0418I In-Session URL set to: [URL] The URL in the login sequence which AppScan® uses to verify that it is logged-in, has been set to this URL (Scan Configuration > Login Management > Details). n/a
CRWAD0419I Login username set to: '<name>' = '<value>' n/a n/a
CRWAD0420I Login password set to: 'name' = 'value' n/a n/a
CRWAD0421I Logout page detection pattern set to: 'pattern' n/a n/a
CRWAD0501I Test <ID> (<name>) is POSITIVE on: <URL> <param> n/a n/a
CRWAD0502I Test <ID> (<name>) is negative on: <URL> <param> n/a n/a
CRWAD0503I Test request <URL> failed due to communication error: <Error description> Possible reasons for the five possible error messages:
  • Unable to connect
    • The remote host is actively refusing the connection
    • The remote host is down
    • The network is unavailable
  • Connection timed out
    • No response was received from the server within the time limit
  • Connection closed (remotely)
    • The application tried to set KeepAlive on a connection that had already timed out
    • The connection was reset by the remote peer
  • Connection closed (locally)
    • The connection was aborted by the underlying socket provider
    • The overlapped operation was aborted due to the closure of the socket
    • There are too many open sockets in the underlying socket provider
  • Unknown
    • All other causes
CRWAD0504I URL discovered in test response: <URL>; Adding to unvisited URLs The new URL will be explored in the next phase of the scan, if there is one. If the phase limit has been reached, it will appear in the results as unvisited. n/a
CRWAD0505I Test <ID> (<name>) on <URL> was filtered by Adaptive test. n/a Adaptive test filtering can be changed in Configuration > Test Options.
CRWAD0506I Sending test <ID> (<name>) on: <URL> <param> n/a n/a
CRWAD0507I Page analysis started on [URL] n/a n/a
CRWAD0508I Page analysis completed on [URL] n/a n/a
CRWAD0509I Page analysis failed on [URL] with error: (error) n/a n/a
CRWAD0601I Cannot connect to host: <server name> n/a n/a
CRWAD0602I Connection established with host: <server name> n/a n/a
CRWAD0603I Stopping scan because required host(s) stopped responding n/a n/a
CRWAD0604I Stopping scan due to out-of-session detection AppScan® has detected that it is out-of-session, based on the pattern defined in Configuration > Login Management > Details, and was unable to log back in. The scan is therefore being stopped. n/a
CRWAD0605I AppScan® has detected that it is out-of-session. AppScan® has detected that it is out-of-session, based on the pattern defined in Configuration > Login Management > Details. n/a
CRWAD0606I Cannot connect to AppScan® Enterprise. n/a n/a
CRWAD0607I SSL configuration mismatch on host: {1}, defaulting to SSL protocol: {0}. When AppScan is unable to connect to the host using the most secure of the SSL protocols selected by the user, it attempts to use the other selected protocols, starting with the next most secure option. This message indicates that a successful match was found. This issue can arise when the operating system doesn't support an SSL protocol that is supported by AppScan and the host. Installing service packs or using a different operating system might resolve this mismatch issue.
CRWAD0701I Starting Manual Test n/a n/a
CRWAD0702I Security issue added from Manual Test n/a n/a
CRWAD0801I Scan saved: <full path> n/a n/a
CRWAD0802I Security issue <Issue Type Name> deleted by user This issue was deleted by the user selecting it, right-clicking on it, and choosing Delete. n/a
CRWAD0803I Retesting security issue <Issue Type Name> n/a n/a
CRWAD0804I Re-test not supported for Test <ID> [<name>] The Re-test feature supports only black-box tests. In order to re-send this test you must run the appropriate module again.
CRWAD0805I Loading scan from file [full path]. Scan created in [version] , build [build number] n/a n/a
CRWAD0806I Security issue <Issue Type Name> set as vulnerable by user n/a n/a
CRWAD0807I Security issue <Issue Type Name> set as not vulnerable by user n/a n/a
CRWAD1001I Starting Scan Expert n/a n/a
CRWAD1002I Scan Expert finished n/a n/a
CRWAD1003I Starting Scan Expert Evaluation n/a n/a
CRWAD1004I Scan Expert Evaluation finished n/a n/a
CRWAD1005I Automatically applying Scan Expert test results Automatically updating the scan configuration based on Scan Expert test results. n/a
CRWAD1006I Finished applying Scan Expert test results Finished automatically updating the scan configuration based on Scan Expert test results. n/a
CRWAD1007I Scan Expert Analysis evaluated: <name> n/a n/a
CRWAD1008I Scan Expert Analysis failed to evaluate: <name> n/a n/a
CRWAD1009I Applying Scan Expert Recommendation: <name> n/a n/a
CRWAD1010I Scan Expert: Explore Optimization: Pausing scan to analyze... n/a n/a
CRWAD1011I Scan Expert: Explore Optimization: Automatically started The Explore Optimization module is configured to start automatically when you run a scan. This setting can be changed in Tools > Explore Optimization: Configure
CRWAD1012I Scan Expert: Explore Optimization: Manually started n/a n/a
CRWAD1013I Scan Expert: Explore Optimization: Maximum repeats per iteration reached. Resuming scan to gather more URLs n/a n/a
CRWAD1014I Scan Expert: Explore Optimization: Activating High Performance Mode for this phase n/a n/a
CRWAD1015I Scan Expert: Explore Optimization: Phase complete. For next phase setting URL limit to {0} n/a n/a
CRWAD1016I Scan Expert: Explore Optimization: Restarting scan... Following configuration changes made by the Explore Optimization module, it was necessary to delete the existing Explore data and start the Explore stage again. n/a
CRWAD1017I Scan Expert: Explore Optimization: Resuming scan... No configuration changes were made that required clearing the existing data before continuing. The scan is being resumed from where it left off. n/a
CRWAD1018I Scan Expert: Explore Optimization: Not enough URLs (should be above {0}) The Switch Complexity setting defines how many URLs must contain the same rewritten segment before the Explore Optimization module will attempt to define that segment as a parameter and rerun the Explore stage. This threshold was not reached. You may want to reduce the Switch Complexity setting in Tools | Extentions | Explore Optimization: Configure.
CRWAD1019I Scan Expert: Explore Optimization: Aborting... Explore Optimization was aborted by the user. n/a
CRWAD1020I Scan Expert: Explore Optimization: Step 1, identifying navigational parameters... The Explore Optimization module is attempting to identify navigational parameters. If it does so it will set their Redundancy Tuning to the strictest setting. n/a
CRWAD1021I Scan Expert: Explore Optimization: Analyzing {0} unique URLs n/a n/a
CRWAD1022I Scan Expert: Explore Optimization: Time allowed for analysis exceeded The time allowed for Explore Optimization to run was exceeded. You can change this setting in Tools > Extensions > Explore Optimization: Configuration.
CRWAD1023I Scan Expert: Explore Optimization: Analysis complete. n/a n/a
CRWAD1024I Scan Expert: Explore Optimization: Analysis failed. n/a n/a
CRWAD1025I Scan Expert: Explore Optimization: Applying configuration changes... n/a n/a
CRWAD1026I Scan Expert: Explore Optimization: No optimizations found n/a n/a
CRWAD1027I Scan Expert: Explore Optimization: Redundancy Tuning Default settings changed n/a n/a
CRWAD1028I Scan Expert: Explore Optimization: Found rewrite rule: {0} n/a n/a
CRWAD1029I Scan Expert: Explore Optimization: Found navigational parameter '{0}' n/a n/a
CRWAD1030I Scan Expert: Explore Optimization: Step 2, identifying URL rewriting... The Explore Optimization module is attempting to identify URL rewriting. If it does so, it will create appropriate custom parameters (Scan Configuration > Parameters and Cookies > Advanced tab) and run a new Explore stage. n/a
CRWAD1101I <Extension log messages> This message was written to the log by an eXtension. eXtensions are managed in Tools > Extensions > Extension Manager.
CRWAD1201I Starting Explore of Multi-Step Operation Sequences Multi-Step Operations are managed in Configuration | Multi-Step Operations.
CRWAD1202I Finished Explore of Multi-Step Operation Sequences
CRWAD1203I Exploring Multi-Step Operation Sequence: <name>
CRWAD1204I Starting Test of Multi-Step Operation Sequences
CRWAD1205I Finished Test of Multi-Step Operation Sequences
CRWAD1206I Testing Multi-Step Operation Sequence: <name>
CRWAD1207I Optimization found for sequence [name]: Must play requests [#1] to [#2] before testing request [n] AppScan® has determined that the specified steps in the sequence will be played in order to test request n. Any earlier steps in the sequence (before step [#1]), will be omitted when testing this request. If necessary you can review and edit the sequence yourself in Scan Configuration > Multi-Step Operations.
CRWAD1208I Optimization found for sequence [name]: No playback needed before testing request [n] AppScan® has determined that no multi-step playback is needed before testing request [n]. Any earlier steps in the sequence will therefore be omitted when testing this request. If necessary you can review and edit the sequence yourself in Scan Configuration > Multi-Step Operations.
CRWAD1209I Unable to optimize request [n] in sequence: [name] All attempts to send request [n] failed (with or without the earlier requests in the multi-step sequence). As the optimization attempt failed, this request will not be tested. If AppScan® is wrong to ignore this request, disable the Allow Play Optimization check box in Configuration > Multi-Step Operations.
CRWAD1301I Generating Issue Information n/a You can control which Issue Information modules run automatically in Configuration > Issue Information view.
CRWAD1302I Finished generating Issue Information n/a n/a
CRWAD1303I Starting Issue Information module: <name> n/a n/a
CRWAD1304I Issue Information module finished: <name> n/a n/a
CRWAD1305I Issue Information module failed: <name> n/a n/a
CRWAD1401I <#> web service request(s) were explored n/a n/a
CRWAD1615I Action-based player started. n/a n/a
CRWAD1616I Action-based player finished [SUCCESS] n/a n/a
CRWAD1617I Action-based player finished [FAILED] n/a n/a
CRWAD1618I Action-based player failed to log in, rolling back to request-based login. AppScan failed to log in using the action-based log in recording, and from now on will use the request-based version. Try reviewing or re-recording the action-based login sequence to resolve the issue.