Scan Log messages

This section includes explanations of Scan Log messages (View > Scan Log).

All Scan Log messages are documented in this section. When relevant, explanations and possible user actions are included.
Number Message Explanation Possible user action
CRWAD0201I Scan created A new scan has been created. Any previous open scan data has been discarded. n/a
CRWAD0202I Starting Explore Starting the Explore stage of the scan. n/a
CRWAD0203I Crawling Crawling the application as part of the Explore stage. n/a
CRWAD0204I Analyzing Explore results Analyzing Explore results to create the tests for the Test stage of the scan. n/a
CRWAD0205I Starting Test Starting the Test stage of the scan n/a
CRWAD0206I Sending Starting URLs Sending the Starting URL, and any multi-step operations that were recorded. n/a
CRWAD0214I Starting Manual Explore n/a n/a
CRWAD0215I Multiphase scanning: Starting phase <#> n/a n/a
CRWAD0216I Scan stopped; scan duration: <time> n/a n/a
CRWAD0217I Explore and Test data cleared n/a n/a
CRWAD0218I Test data cleared n/a n/a
CRWAD0224I Scan was configured as an incremental scan [with/without] retest Indicates whether the Incremental scan is configured to test only new parts of the application, or also to retest for issues that were found in the base scxan. This setting is configured in Incremental scan wizard > Options
CRWAD0230I Configure incremental scan n/a n/a
CRWAD0301I Visited URL: <URL> n/a n/a
CRWAD0303I Skipping URL (due to extension): <URL> The scan is configured to exclude files with this extension, so this URL is being skipped. This can be changed in Configuration > Exclude Paths and Files.
CRWAD0304I Skipping URL (due to exclusion): <URL> The scan is configured to exclude this URL. This can be changed in Configuration > Exclude Paths and Files.
CRWAD0305I Skipping URL (host not included in scan): <URL> The scan is not configured to include this host. This can be changed in Configuration > URL and Servers.
CRWAD0306I Skipping URL (path limit exceeded): <URL> Maximum number of paths to explore has been reached. Path limit can be changed in Configuration > Explore Options.
CRWAD0307I Skipping URL (depth limit exceeded): <URL> Depth limit for the scan has been reached. Depth limit can be changed in Configuration > Explore Options.
CRWAD0308I Skipping URL (link limit exceeded): <URL> Link limit for the scan has been reached. Link limit can be changed in Configuration > Explore Options.
CRWAD0309I Created test <ID> <Issue Type Name> for URL: <URL> <param> n/a n/a
CRWAD0310I Skipping URL (Similar DOM was already scanned): <URL> n/a n/a
CRWAD0311I Skipping URL (DOM probably similar to one already scanned): <URL> n/a n/a
CRWAD0312I No decoding service was found for the domain: <Host> n/a n/a
CRWAD0313I A WebSphere Portal decoding service URL <URL> was located. n/a n/a
CRWAD0321I Form param < file name > no such file. One of the files referenced in the Postman Collection was not found in the Attachments ZIP file. Make sure that the file exists, and that the path to the file in the collection is correct.
CRWAD0322I Collection <URL> was added to scan n/a n/a
CRWAD0401I Login request detected: <URL> n/a n/a
CRWAD0402I Logout request detected: <URL> n/a n/a
CRWAD0403I Session Identifier detected; name = <name>; value = <value> n/a n/a
CRWAD0404I Session Identifier value refreshed; name = <name>; value = <value> n/a n/a
CRWAD0405I Session expired n/a n/a
CRWAD0406I Performing login n/a n/a
CRWAD0407I In-session pattern not detected n/a n/a
CRWAD0408I Operation timed out n/a n/a
CRWAD0409I Communication error n/a n/a
CRWAD0410I Unnecessary request removed: <URL> n/a n/a
CRWAD0412I Parameter [name] should be tracked in login, but is predefined as untracked. The specified parameter occurs in the login sequence, and AppScan® wanted to add it to the list of parameters and cookies (Scan Configuration > Parameters and Cookies) and set it to "Tracked" (to track it during the scan). However it is already listed, and is configured as "Do not track", so AppScan® has not changed its configuration. You may want to manually change the status of this parameter to "Tracked".
CRWAD0413I Cookie [name] should be tracked in login, but is predefined as untracked. The specified cookie occurs in the login sequence, and AppScan® wanted to add it to the list of parameters and cookies (Scan Configuration > Parameters and Cookies) and set it to "Tracked" (to track it during the scan). However it is already listed, and is configured as "Do not track", so AppScan® has not changed its configuration. You may want to manually change the status of this cookie to "Tracked".
CRWAD0414I New tracked parameter [name] added: The specified parameter has been added to the list of parameters and cookies (Scan Configuration > Parameters and Cookies), and defined as "Tracked", so it will be tracked during scanning. n/a
CRWAD0415I New tracked cookie [name] added: The specified cookie has been added to the list of parameters and cookies (Scan Configuration > Parameters and Cookies), and defined as "Tracked", so it will be tracked during scanning. n/a
CRWAD0416I In-Session Detection format set to: [pattern format] The format for the pattern which AppScan® searches for to verify that it is in-session (see Scan Configuration > Login Management > Details), has been changed. n/a
CRWAD0417I In-Session Detection pattern set to: [pattern] n/a n/a
CRWAD0418I In-Session URL set to: [URL] The URL in the login sequence which AppScan® uses to verify that it is logged-in, has been set to this URL (Scan Configuration > Login Management > Details). n/a
CRWAD0419I Login username set to: '<name>' = '<value>' n/a n/a
CRWAD0420I Login password set to: 'name' = 'value' n/a n/a
CRWAD0421I Logout page detection pattern set to: 'pattern' n/a n/a
CRWAD0422I [SessionManagement] Some requests got response status 401 Unauthorized or 403 Forbidden during the manual explore. You may be using expired tokens or need to configure login. Requests either in a Manual Explore or imported Postman Collection received Unauthorized or Forbidden responses. This message indicates that the recorded token may have expired or that login configuration is missing.
  1. Configure login if needed.
  2. If token has expired, do one of the following:
    • Manual Explore: Record the Manual Explore again with a valid token.
    • Postman Collection: Refer to Invalid long term token
CRWAD0423I Start analyzing login from Postman Collection n/a n/a
CRWAD0424I Finished analyzing login from Postman Collection, login sequence was detected Login was successfully configured for the scan. n/a
CRWAD0425I Login was not detected in the Postman Collection n/a Refer to Postman Collection scan troubleshooting
CRWAD0501I Test <ID> (<name>) is POSITIVE on: <URL> <param> n/a n/a
CRWAD0502I Test <ID> (<name>) is negative on: <URL> <param> n/a n/a
CRWAD0503I Test request <URL> failed due to communication error: <Error description> Possible reasons for the five possible error messages:
  • Unable to connect
    • The remote host is actively refusing the connection
    • The remote host is down
    • The network is unavailable
  • Connection timed out
    • No response was received from the server within the time limit
  • Connection closed (remotely)
    • The application tried to set KeepAlive on a connection that had already timed out
    • The connection was reset by the remote peer
  • Connection closed (locally)
    • The connection was aborted by the underlying socket provider
    • The overlapped operation was aborted due to the closure of the socket
    • There are too many open sockets in the underlying socket provider
  • Unknown
    • All other causes
CRWAD0504I URL discovered in test response: <URL>; Adding to unvisited URLs The new URL will be explored in the next phase of the scan, if there is one. If the phase limit has been reached, it will appear in the results as unvisited. n/a
CRWAD0505I Test <ID> (<name>) on <URL> was filtered by Adaptive test. n/a Adaptive test filtering can be changed in Configuration > Test Options.
CRWAD0506I Sending test <ID> (<name>) on: <URL> <param> n/a n/a
CRWAD0507I Page analysis started on [URL] n/a n/a
CRWAD0508I Page analysis completed on [URL] n/a n/a
CRWAD0509I Page analysis failed on [URL] with error: (error) n/a n/a
CRWAD0601I Cannot connect to host: <server name> n/a n/a
CRWAD0602I Connection established with host: <server name> n/a n/a
CRWAD0603I Stopping scan because required host(s) stopped responding n/a n/a
CRWAD0604I Stopping scan due to out-of-session detection AppScan® has detected that it is out-of-session, based on the pattern defined in Configuration > Login Management > Details, and was unable to log back in. The scan is therefore being stopped. n/a
CRWAD0605I AppScan® has detected that it is out-of-session. AppScan® has detected that it is out-of-session, based on the pattern defined in Configuration > Login Management > Details. n/a
CRWAD0606I Cannot connect to AppScan® Enterprise. n/a n/a
CRWAD0607I SSL configuration mismatch on host: {1}, defaulting to SSL protocol: {0}. When AppScan is unable to connect to the host using the most secure of the SSL protocols selected by the user, it attempts to use the other selected protocols, starting with the next most secure option. This message indicates that a successful match was found. This issue can arise when the operating system doesn't support an SSL protocol that is supported by AppScan and the host. Installing service packs or using a different operating system might resolve this mismatch issue.
CRWAD0608I No access to ADNS server, all ADNS tests will be disabled. AppScan is unable to access the ADNS server. Adding the ADNS server to AppScan's and the tested server's allowlists may solve the problem. Use:
Host: securityip.appsechcl.com
Post: 53
CRWAD0701I Starting Manual Test n/a n/a
CRWAD0702I Security issue added from Manual Test n/a n/a
CRWAD0801I Scan saved: <full path> n/a n/a
CRWAD0802I Security issue <Issue Type Name> deleted by user This issue was deleted by the user selecting it, right-clicking on it, and choosing Delete. n/a
CRWAD0803I Retesting security issue <Issue Type Name> n/a n/a
CRWAD0804I Re-test not supported for Test <ID> [<name>] The Re-test feature supports only black-box tests. In order to re-send this test you must run the appropriate module again.
CRWAD0805I Loading scan from file [full path]. Scan created in [version] , build [build number] n/a n/a
CRWAD0806I Security issue <Issue Type Name> set as vulnerable by user n/a n/a
CRWAD0807I Security issue <Issue Type Name> set as not vulnerable by user n/a n/a
CRWAD1101I <Extension log messages> This message was written to the log by an eXtension. eXtensions are managed in Tools > Extensions > Extension Manager.
CRWAD1201I Starting Explore of Multi-Step Operation Sequences Multi-Step Operations are managed in Configuration | Multi-Step Operations.
CRWAD1202I Finished Explore of Multi-Step Operation Sequences
CRWAD1203I Exploring Multi-Step Operation Sequence: <name>
CRWAD1204I Starting Test of Multi-Step Operation Sequences
CRWAD1205I Finished Test of Multi-Step Operation Sequences
CRWAD1206I Testing Multi-Step Operation Sequence: <name>
CRWAD1207I Optimization found for sequence [name]: Must play requests [#1] to [#2] before testing request [n] AppScan® has determined that the specified steps in the sequence will be played in order to test request n. Any earlier steps in the sequence (before step [#1]), will be omitted when testing this request. If necessary you can review and edit the sequence yourself in Scan Configuration > Multi-Step Operations.
CRWAD1208I Optimization found for sequence [name]: No playback needed before testing request [n] AppScan® has determined that no multi-step playback is needed before testing request [n]. Any earlier steps in the sequence will therefore be omitted when testing this request. If necessary you can review and edit the sequence yourself in Scan Configuration > Multi-Step Operations.
CRWAD1209I Unable to optimize request [n] in sequence: [name] All attempts to send request [n] failed (with or without the earlier requests in the multi-step sequence). As the optimization attempt failed, this request will not be tested. If AppScan® is wrong to ignore this request, disable the Allow Play Optimization check box in Configuration > Multi-Step Operations.
CRWAD1301I Generating Issue Information n/a You can control which Issue Information modules run automatically in Configuration > Issue Information view.
CRWAD1302I Finished generating Issue Information n/a n/a
CRWAD1303I Starting Issue Information module: <name> n/a n/a
CRWAD1304I Issue Information module finished: <name> n/a n/a
CRWAD1305I Issue Information module failed: <name> n/a n/a
CRWAD1615I Action-based player started. n/a n/a
CRWAD1616I Action-based player finished [SUCCESS] n/a n/a
CRWAD1617I Action-based player finished [FAILED] n/a n/a
CRWAD1618I Action-based player failed to log in, rolling back to request-based login. AppScan failed to log in using the action-based log in recording, and from now on will use the request-based version. Try reviewing or re-recording the action-based login sequence to resolve the issue.