The Licensing and Compliance Alerts screen enables you to review alert details for licensing and compliance/quality issues reported for a given product or project. Additionally, you can display alerts based on flexible and varied filtering options, ignore and activate (restore) a selection of vulnerability alerts associated with the selected library, etc.
Accessing the Licensing and Compliance Alerts Screen
To access the Licensing and Compliance Alerts screen, do as follows:
- From the menu bar, select Alerts > Other Alerts: Licensing and Compliance. The Licensing and Compliance Alerts screen is displayed.
Generating the Alerts List
- Filter the alert by the following parameters:
- Time - Filters for the time scope
- Products - Filters for the relevant product
- Projects - Filters for the relevant project
- All Types - Filters for the relevant licensing issue
- Vulnerability ID - Filters for the relevant ID
- Status - Filters for active, ignored or resolved (resolved alerts are those that include statuses Ignored, Library Removed, Library In-House, and Library Whitelist) alerts
- For additional (hidden) filters, expand Filter. Options are as follows:
- By Library - Filters according to library, library type, severity, or source file
- By Project - Filters according to the specified project
- By Product - Filters according to the specified product
- By Description- Filters according to the description text that matches each alert's type
- By Library Type- Filters according to the specified library type
- By Creation Date- Filters according to the specified creation date
- By Modified Date- Filters according to the specified modified date
After making your filtering selections, enter the specific value in the Value.
- Click Apply to set the filters. The list is generated.
|Library||Library name where the licensing and compliance issue was found |
|Type||Type of alert|
|Project||The project where the licensing and compliance issue was found|
|Product||The product where the licensing and compliance issue was found|
|Description||Description of the licensing and compliance issue|
|Details||Specific information regarding the alert's type |
Alerting status of the vulnerability:
- Active- The application will notify users about the alert and list it by default in the dashboard
- Ignored - The application will not notify users about the alert and will not list it by default under the dashboard
- Resolved - Alerts in statuses Ignored, Library Removed, Library In-House, and Library Whitelist and therefore the application will not notify users about the alert
All data can be filtered and sorted.
|Library Type||Java, source library, etc.|
The date when the alert was created
The date when the alert was modified
- To ignore an alert, check the alert's row (checkbox on the left) and select Action > Ignore.
To activate an ignored alert, filter the table for ignored alerts, then check the alert's row (checkbox on the left) and select Action > Activate. The alert will no longer appear in the ignored alerts list and will appear instead in the list of active alerts.
The actions of ignoring and activating alerts are saved to the Change Log History Report. This report can be used to filter and monitor these actions, and to view who performed them and when, and to view any informative comments that those users might have added.
- To export an alert to a selected format (Excel, XML or JSON), check the alert's row (checkbox on the left), select Action > Export, and select your desired format.
Viewing Additional Details
- To view information for a specific vulnerability's library, in Library, select the library. The Library Details page is displayed. This page displays relevant information regarding the library such as vulnerability trends, copyright information, and library vulnerabilities.
- To view information for a specific library's related product or project, in the Product or Project column, click the relevant product or project. The relevant Home screen for that product or project is displayed with a variety of dashboard options, including security alerts, license analysis and vulnerability analysis.