Skip to main content
Skip table of contents

Exporting Findings

Security for Confluence allows users to export CSV files containing findings in the spaces for which they have administration privileges. This can be done when viewing a space’s Security Analysis by clicking the Export Space dropdown at the top:

There are three options, all of which are in CSV format:

  • A Findings export contains the scan results for the space

  • A Reviewed False Positives export contains reviewed false positives, including who reviewed them and when they were reviewed. Reviewed false positives are scoped per-space and apply to all future and past findings in the space that match exactly.

  • A Scanned attachment information export contains information about scanned files attached to pages or blog posts. See Scanning Files Attached to Pages for more information.

You can also export findings for a particular space or for all spaces for which you have administration privileges, using the REST API.

Redacting findings in exported reports

If you want to keep the full text of findings from appearing in exported reports, you can disable the Include full finding text in exported reports setting in the plugin settings page:

Disabling this option will remove the Finding text and Full text columns from CSV exports, and will add a URL column, Report link – a link to the Security Analysis containing the finding.

Deduplicate findings in exports

If you want to show every finding occurrence in your export reports, you can disable the Deduplicate findings in exports setting. Otherwise, findings will be presented once for every page they’re discovered in, even if the are discovered more than once in the history of that page, blog post, or attachment. This behavior presents an export similar to the layout of the Security Analysis page.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.