Skip to main content
Skip table of contents

Exporting Findings

Security for Jira allows users to export CSV files containing findings in the projects for which they have administration privileges or, if they have been granted explicit app access, viewing privileges. This can be done when viewing a project’s Security Analysis by clicking the Export Project dropdown at the top:

There are three options, all of which are in CSV format:

  • A Findings export contains information about all findings, including both reviewed and un-reviewed findings

  • A Reviewed False Positives export contains reviewed false positives, including who reviewed them and when they were reviewed. Reviewed false positives are scoped per-project and apply to all future and past findings in the project that match exactly.

  • A Scanned attachment information export contains information about scanned files attached to issues. See Scanning files attached to issues for more information.

You can also export findings for a particular project, or for all projects you can administer, using the REST API.

Exporting, both from the Security Analysis page and from the REST API, is an audited event.

Redacting findings in exported reports

If you want to keep the full text of findings from appearing in exported reports, you can disable the Include full finding text in exported reports setting in the plugin settings page:

image-20240105-173856.png

Disabling this option will remove the Text column from CSV exports, and will add two URL columns:

  • A link to the issue (focusing on the comment if the finding is in a comment)

  • A link to the Security Analysis of the issue

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.