find-analysis-scripts

Finds scripts, data functions, and custom queries in files in the library.

find-analysis-scripts 
[-b value | --bootstrap-config=value] 
[-t value | --tool-password=value] 
[-p value | --library-parent-path=value]
[-e value | --library-search-expression=value] 
[-s <true|false> | --auto-trust-scripts=<true|false>] 
[-d <true|false> | --auto-trust-data-functions=<true|false>] 
[-q <true|false> | --auto-trust-custom-queries=<true|false>] 
[-n | --no-prompt] 
[-i | --single-threaded] 
[-v | --verbose] 
[output directory]

Overview

Use this command for analyzing all files (of relevant types) in the library to locate scripts, data functions, and custom queries so that these (after review) can be trusted. The output of the command is a (possibly empty) report of all findings, and a (possibly empty) script that can be used for trusting the scripts, data functions, and custom queries in bulk.

Options

Option Optional or Required Default Value Description
-b value
--bootstrap-config=value
Optional none The path to the bootstrap configuration file. See Bootstrap.xml file for more information about this file.
-t value
--tool-password=value
Optional none The configuration tool password used to decrypt the database password in the bootstrap.xml file. If the tool password is omitted, the command will prompt the end-user for it on the console. See Bootstrap.xml file for more information.
-p value
--library-parent-path=value
Optional none The path to a library folder with the files that should be analyzed (files in sub-folders will also be included).
-e value
--library-search-expression=value
Optional none A library search expression matching the files that should be analyzed.
-s <true|false>
--auto-trust-scripts=<true|false>
Optional false This flag indicates that any untrusted scripts that are found should be trusted automatically. Use this option with care. The scripts SHOULD BE REVIEWED before being trusted.
-d <true|false>
--auto-trust-data-functions=<true|false>
Optional false This flag indicates that any untrusted data functions that are found should be trusted automatically. Use this option with care. The data functions SHOULD BE REVIEWED before being trusted.
-q <true|false>
--auto-trust-custom-queries=<true|false>
Optional false This flag indicates that any untrusted custom queries that are found should be trusted automatically. Use this option with care. The custom queries SHOULD BE REVIEWED before being trusted.
-n
--no-prompt
Optional none This flag indicates that the tool should proceed without printing a warning about the potentially long execution time and prompting for confirmation to continue.
-i
--single-threaded
Optional none This flag indicates that the analysis should be done in a single thread (this will reduce CPU, memory, and network usage but increase execution time).
-v
--verbose
Optional none This flag indicates that verbose progress output should be given.
[output directory]
Optional find-analysis-scripts The directory to which the output of the tool will be written.

If the directory does not exist it will be created (in the current working directory, if the path is relative).

Examples

  • To run the analysis only against items that do not exceed a certain size:
    config find-analysis-scripts --library-search-expression="content_size:<500MB"
  • To run the analysis only against the items in a particular folder:
    config find-analysis-scripts --library-parent-path="/Production/Critical"
  • To run the analysis in a single thread (to reduce memory and CPU consumption):
    config find-analysis-scripts --single-threaded
  • To automatically trust any data functions after running the analysis:
    config find-analysis-scripts --auto-trust-data-functions