
Exporting Findings

Security for Confluence allows users to export CSV files containing findings in the spaces for which they have administration privileges. This can be done when viewing a space’s Security Analysis by clicking the Export Space dropdown at the top:

There are three options, all of which are in CSV format:

  • A Findings export contains the scan results for the space

  • A Reviewed False Positives export contains reviewed false positives, including who reviewed them and when they were reviewed. Reviewed false positives are scoped per-space and apply to all future and past findings in the space that match exactly.

  • A Scanned attachment information export contains information about scanned files attached to pages or blog posts. See Scanning Files Attached to Pages for more information.

You can also export findings for a particular space or for all spaces for which you have administration privileges, using the REST API.

Redacting findings in exported reports

If you want to keep the full text of findings from appearing in exported reports, you can disable the Include full finding text in exported reports setting in the plugin settings page:

Disabling this option will remove the Finding text and Full text columns from CSV exports, and will add a URL column, Report link – a link to the Security Analysis containing the finding.

Deduplicate findings in exports

If you want to show every finding occurrence in your export reports, you can disable the Deduplicate findings in exports setting. Otherwise, findings will be presented once for every page they’re discovered in, even if they are discovered more than once in the history of that page, blog post, or attachment. This behavior presents an export similar to the layout of the Security Analysis page.

Columns in exported findings reports

The exported reports contain the following columns, in order; most are self-explanatory:

  1. Space key

  2. Location type: ATTACHMENT, PAGE, or BLOG_POST

  3. Content title

  4. Content ID

  5. Latest content version, or Content version if the “Deduplicate findings in exports” setting is disabled.

  6. Historical: whether this scan finding is historical.

  7. Rule name

  8. Match text: the exact match text of the finding. This can be used to review the finding; see Hiding false positives, revoked credentials, etc.. Excluded if the “Include full finding text in exports” setting is disabled.

  9. Reviewed?

  10. Globally Reviewed?

  11. Publication time

  12. Report link: included if the “Include full finding text in exports” setting is enabled.

  13. Content link

  14. Full text: the complete text of the fragment, or, if it is too long, then only the specific text that triggered the finding. Excluded if the “Include full finding text in exports” setting is disabled.
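The following added example (not part of the product or its documentation) reads a Findings export, infers from the header whether the export is redacted and deduplicated, and counts findings that are neither reviewed nor historical, without ever reading the matched text. It assumes the CSV header uses the column names listed above and that boolean cells are spelled `true`/`false`; the sample rows, rule names, and URLs are constructed.

```python
import csv
import io
from collections import Counter

# Columns that carry the matched secret itself; the page refers to them as
# "Match text" / "Finding text" and "Full text".
SENSITIVE = {"Match text", "Finding text", "Full text"}
TRUTHY = {"true", "yes", "1"}  # assumption: how boolean cells are spelled


def describe_layout(header):
    """Infer the two export settings from the header row alone."""
    cols = set(header)
    return {
        "redacted": not (cols & SENSITIVE),
        "deduplicated": "Latest content version" in cols,
    }


def open_findings(rows):
    """Count findings per (space, rule) that are not reviewed and not historical."""
    counts = Counter()
    for row in rows:
        flags = (row.get("Reviewed?"), row.get("Globally Reviewed?"), row.get("Historical"))
        if any((f or "").strip().lower() in TRUTHY for f in flags):
            continue  # triage choice made for this example, not a product rule
        counts[(row["Space key"], row["Rule name"])] += 1
    return counts


def triage(csv_text):
    reader = csv.DictReader(io.StringIO(csv_text))
    rows = list(reader)
    return describe_layout(reader.fieldnames or []), open_findings(rows)


# Constructed sample in the redacted, deduplicated layout (not real export data).
SAMPLE = """Space key,Location type,Content title,Content ID,Latest content version,Historical,Rule name,Reviewed?,Globally Reviewed?,Publication time,Report link,Content link
OPS,PAGE,Deploy notes,1001,7,false,AWS access key,false,false,2024-01-05,https://wiki.example/r/1,https://wiki.example/c/1001
OPS,PAGE,Deploy notes,1001,7,true,AWS access key,false,false,2023-11-02,https://wiki.example/r/1,https://wiki.example/c/1001
OPS,ATTACHMENT,backup.sql,1002,1,false,Password in URL,true,false,2024-01-06,https://wiki.example/r/2,https://wiki.example/c/1002
DEV,BLOG_POST,Release recap,2001,3,false,Private key,false,false,2024-02-10,https://wiki.example/r/3,https://wiki.example/c/2001
"""

if __name__ == "__main__":
    layout, counts = triage(SAMPLE)
    print(layout)
    for (space, rule), n in counts.most_common():
        print(space, rule, n)
```

Checking `redacted` before a report leaves the team confirms that the export was generated with the full finding text excluded.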
