Exporting a Security Scan Report for External Use
For offline viewing and processing of security findings generated by Security for Bitbucket, you can export them to a csv
file. This file will have the following format:
You can export scan results using one of a few ways, each of which is described below.
Exporting a single branch via the Branch Scan Report
To export the vulnerabilities from a single branch, first navigate to the Branch Scan Report for the branch in question. Then click the Export button in the top right corner of the report:
Exporting from a Dashboard
From the Global, Project-level, and Repository-level Dashboards, there are two primary approaches to exporting scan results.
Using the Dashboard’s Export Dropdown
An Export dropdown is visible in the upper-right of each dashboard. Depending on which dashboard and view level, the relevant option will appear as one of the following:
Repository Scan Results
Project Scan Results
All Scan Results (only available from the Global Dashboard)
One example is shown below:
When exporting a repository, the generated report will contain the results found in all branches of that repository.
When exporting a project, the generated report will contain the results found in all branches of all repositories of that project.
When exporting all projects, the generated report will contain all results found in all projects in the Bitbucket instance. The resulting zip
file will contain one csv
file per project.
Export All Scan Results can put a strain on Bitbucket resources if there are a lot of results. Consequently, a dialog box will pop up to confirm that you wish to perform this action.
Using the Actions menu
From any dashboard, navigate to the desired level view, click the Actions dropdown menu, and select the Export item as shown below:
Exporting vulnerabilities via a REST call
You may also use various REST calls to export vulnerabilities of any given branch, repository, project, or the whole Bitbucket instance.