You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 3 Next »

Kiuwan Local Analyzer is able to synchronize its local analysis configuration with Kiuwan servers.

Use this feature if you need to run multiple KLA instances or just make sure that all your analyses are run with the same configuration.

You can share between your KLA instances these parts of the analysis configuration:

  • Code Security and Code Analysis configuration options:
    • Anything that can be configured through KLA's graphical user interface can be centralized and distributed to your KLA instances, e.g. include patterns, exclude patterns, analysis memory, language extensions and specific language options.
    • All specific application configuration made will be synchronized as well.
    • All default and application specific custom neutralizations will be syncrhonized.
    • All custom libraries will be synchronized: if you are analyzing your applications with customized rules, you can provide Kiuwan your rules implementations so they can be distributed to all your KLA instances.
  • Insights configuration options:
    • All options for Insights analyses will be synchronized, e.g. include patterns, exclude patterns, custom repository URLs.

Creating a centralized configuration

Centralized configuration is made up by two kind of files that can be uploaded to Kiuwan:

  • Kiuwan Local Analyzer custom configuration zip: this file can be generated from any Kiuwan Local Analyzer instance.
  • Custom rules jar files: if you have implemented your own rules, you can upload to Kiuwan both their definitions and implementations.

You can upload both kind of files, one of them or none. This is up to you.

Note that if you do not upload any configuration file to Kiuwan, your Kiuwan Local Analyzer instances will work the same way as before: they will use their local configuration resources.

Step 1: configure your applications

First of all, you will need a copy of Kiuwan Local Analyzer where you can access its GUI. If you already own one where you have all your applications configured, you can jump to the next step.

The idea here is that you configure all your applications' analysis specific options in this Kiuwan Local Analyzer instance so you can generate a custom configuration zip that can be uploaded to Kiuwan.

Please refer to Start your First Scan with Kiuwan Local Analyzer section to learn how to configure your applications.

In order to configure Insights specific options, you will need to edit directly Insights configuration file, located under $(AGENT_HOME)/conf/insight.properties.

Step 2: create a custom configuration zip file

Once you have finisihed configuring Kiuwan Local Analyzer, you will need to dump all needed files to a custom configuration zip file.

To do so, open a terminal to $(AGENT_HOME)/bin and execute one of these commands:

Under Windows Operating Systems:

agent.cmd -dac

Under Unix-like and OSX:

./agent.sh -dac

Once the command is run, you will see this output:

#       #
#       #
#
#    #  #   #    #  #          #   ###    # ###
#   #   #   #    #   #   ##   ##  #   #   ###  #
#  #    #   #    #   #   ##   #       #   #    #
####    #   #    #   #  ## #  #    ####   #    #
#  #    #   #    #    # #  # #    #   #   #    #
#  ##   #   #    #    # #  # #   #    #   #    #
#   #   #   #    #    ##    ##   #    #   #    #
#    #  #   ######     #    #     #####   #    #

                                   www.kiuwan.com

java version "1.8.0_121"
Java(TM) SE Runtime Environment (build 1.8.0_121-b13)
Java HotSpot(TM) 64-Bit Server VM (build 25.121-b13, mixed mode)

Current Kiuwan Local Analyzer version: development.1539.p597.q12363
New Kiuwan Local Analyzer version available: development.1539.p597.q12363
Kiuwan Local Analyzer is up to date
Launching...

java version "1.8.0_121"
Java(TM) SE Runtime Environment (build 1.8.0_121-b13)
Java HotSpot(TM) 64-Bit Server VM (build 25.121-b13, mixed mode)

Running dump analysis configuration mode...
Written configuration to /home/kla_user/KiuwanLocalAnalyzer/temp/conf/202002250815_kiuwan_analysis_config.zip
Written md5 = d03934e5c54218a9c2116f84aec787ba
Done!

Two files will be written to $(AGENT_HOME)/temp/conf:

  • A zip file named yyyyMMddHHss_kiuwan_analysis_config.zip: this is the zip file that contains the configuration of this Kiuwan Local Analyzer instance.
  • A text file with the same name and md5 extension: this is a fingerprint of the previous file that can be uploaded to Kiuwan to verify its integrity.

Step 3: upload your custom configuration to Kiuwan

 

Step 4: run your analyses

 

  • No labels