Exporting Findings
Security for Confluence allows users to export CSV files containing findings in the spaces for which they have administration privileges. This can be done from the Soteri Dashboard, or when viewing a particular space’s Security Analysis.
Exporting findings is very time-consuming and there is currently no way to monitor the progress of exports. See below for more information.
To export all findings for all spaces for which you have administration privileges, click the Export All Findings button at the top of the Soteri Dashboard:
To export findings for a particular space from the Soteri Dashboard, use the Export button in the Action Menu for the space:
Finally, when viewing the Security Analysis for a particular space, you can use the Export Space button at the top of the page:
Performance
Security for Confluence only stores the locations of findings, not their actual text. To perform an export, Security for Confluence therefore must query Confluence to retrieve the text of all content with findings, which can be very time consuming. This is particularly noticeable for full instance exports. A large full instance export could potentially take an hour or more.
Additionally, currently Security for Confluence does not provide feedback about the progress of the export—it will appear as if nothing is happening until the download suddenly completes. If you wish to confirm an export is still in progress, use your browser’s developer tools to inspect network requests, and filter by requests to the findings
endpoint—if the request is open, the export is proceeding.
Columns in exported findings reports
Following are the column names in the exported reports, in order, most of which are self-explanatory:
Space key
Content title
Content ID
Content version
Rule name
Match text: the exact match text of the finding. This can be used to review the finding; see Hiding false positives, revoked credentials, etc. .
Reviewed?
Publication time
Full text: the complete text of the fragment, or, if it is too long, then only the specific text that triggered the finding.