-
Notifications
You must be signed in to change notification settings - Fork 369
Parsing by Assessment Type or Performing a String Comparison in a Report
Parsing by assessment type in a report is a common function. There is a string comparison operator (√) to make this easy.
† √ short_company_name:::acme inc √ †
The company name is acme.
¥
This will compare the short_company_name (ΩSHORT_COMPANY_NAMEΩ) to the string "acme inc". The string comparison is case insensitive.
Due to the scoping of variables (XPATH), you need to modify this comparison for UDV's.
Precede the variable with a ":" for UDV's:
† √ :my_udv_name:::udv value √ †
This tests for a udv
¥
This will compare the my_udv_name (§my_udv_name§) to the string "udv value".
Precede the variable with a "+" for finding variables:
† √ +title:::cross site scripting √ †
The title is cross site scripting.
¥
This will compare the title (πtitleπ) to the string "cross site scripting".
If all else fails, you can use the translate function. This is historically how string comparison was done:
¬report/findings_list/findings:::risk>3¬
† translate(assessment_type,$up,$low)=translate('External',$up,$low) †
FINDINGS
¥
∆
To perform the same function inside of a table:
æreport/findings_list/findings:::risk<5:::translate(assessment_type,$up,$low)=translate('external',$up,$low)æ ∞title∞
Overall the translate() function can be used for string comparison.