Skip to main content

Download scan results

You can download scan results to these file types:

  • SARIF file: After a scan completes, you can download the results to a Static Analysis Results Interchange Format (SARIF) file. This type of file is is a standard, JSON-based format for the output of static analysis data.

    To optimize storage usage, SARIF files are available for up to five days after the scan completes. No download option is available for older scans.

  • CSV file: You can download vulnerability data for a scan project to a Comma-separated Values (CSV) file. The CSV file:

    • Excludes vulnerabilities with a status of Remediated and Not a problem.

    • Includes or excludes data based on selected filters.

Before you begin

Identify the scan whose results you want to download.

Steps for SARIF download

  1. Select Scans in the header.

  2. Select a scan project.

  3. In the Overview tab, under Scan history, select the Download icon (icon-download.svg) at the end of a scan row.

  4. When prompted, select a location for the SARIF file.

Steps for CSV download

  1. Select Scans in the header.

  2. Select a scan project.

  3. Select the Vulnerabilities tab.

  4. To filter the data in the CSV file, select any of the filters for Severity, Vulnerability, Language, or Status.

  5. Select the Download icon (icon-download.svg) at the top of the page.

  6. If the number of vulnerabilities exceeds 2,000, you are prompted to select a page of results to download.

    You can download one page at a time.

  7. When prompted, select a location for the CSV file.

In this section: