Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.endorlabs.com/llms.txt

Use this file to discover all available pages before exploring further.

Managing findings shapes what Endor Labs reports, how your teams respond, and how you organize issues over time. After you view and filter findings, use finding policies to control what is surfaced and action policies to automate next steps when criteria match. Export findings when you need data outside the product, and use tags to group and search efficiently. Manage findings to control how findings are handled, organized, and acted on across your environment. After you view and filter findings use finding policies to control which findings are surfaced and action policies to automate actions when findings match specific criteria. You can also export findings for external analysis and apply tags to organize and search findings more efficiently.

Create Jira issues from Findings

Create Jira issues manually from the Findings for one or more items. This enables you to create and assign workflow issues without relying on action policies or scan cycles. Endor Labs records them as On-demand notification in Notifications. If issue creation fails, you can also review the error details. See Notifications to learn more. Ensure that you have a Jira notification integration configured in Endor Labs to create issues in your Jira board. If a finding already has a Jira issue in the selected board that was created manually, you cannot create another one in that board. If the existing issue was created by an action policy, then you can create a new issue for that finding. When a finding is resolved in a subsequent scan, Endor Labs updates all linked Jira issues to your integration’s resolved state. That applies to manually created issues and to issues created through action policies.

Create a Jira issue for a single finding

You can create a Jira issue for a single finding from the Findings view.
  1. Select Findings from the left sidebar.
  2. In Table preferences, turn on the Integration - Jira column.
  3. Click Create JIRA ticket in the finding’s row.
  4. Select a Jira integration configured in your namespace. Ensure the integration is available in the same namespace as the findings.
  5. Click Create Issue.
After creation, you can use the issue URL to open it in Jira and view its details.

Create Jira issues for multiple findings at once

You can create Jira issues for multiple findings from the Findings view.
  1. Select Findings from the left sidebar.
  2. In Table preferences, turn on the Integration - Jira column.
  3. Search for and select the findings to create Jira issues for. You can select up to 10 findings at a time.
  4. Click the vertical three dots and select Add Jira Notifications.
  5. Select a Jira integration configured in your namespace. Ensure the integration is available in the same namespace as the findings.
  6. Click Create Issue.
After creation, you can use the issue URLs to open them in Jira and view their details. When creating Jira issues for multiple findings, Endor Labs processes each finding independently. If a finding already exists in the selected board, it is skipped while the rest are created successfully. Jira issues from findings

Export findings

You can export finding details to a CSV file for offline analysis.
  1. Select Projects from the left sidebar.
  2. Search for and select a project and select Findings.
  3. Search for findings using advanced or basic filters.
  4. Select the findings and click the vertical three dots.
  5. Choose Export Selected or Export All and select the fields that you want to include in the CSV file.
  6. Click Export to CSV to download the file.

Apply tags to findings

Tagging findings helps you organize, prioritize, and filter issues efficiently. You can tag findings in a finding policy or while running the endorctl scan.

Using finding policies

You can define custom tags in a finding policy, which automatically apply to findings that match its conditions. See Finding policies for more information. To add custom tags:
  1. Select Policies & Rules from the left sidebar.
  2. Follow the steps to create a finding policy. Ensure to add your choice of custom tags in Finding Custom Tags. You can also update an existing policy.
  3. Click Create Finding Policy.
After you create or update a finding policy, rescan your project to apply the custom tags to your findings.

Through the CLI

When scanning projects using endorctl, you can tag all the findings generated within the scan scope using the --finding-tags flag. To scan and tag all findings of an endorctl scan: 
endorctl scan --finding-tags=findings-tag-name

View tagged findings

To filter and view the findings by their tags:
  1. Select Projects > Findings from the left sidebar.
  2. Enter the tag in the search bar to filter and view findings by tag name. Search findings tags on UI