This page contains:
This guide is a high-level overview of the process to upload tool output to your Dradis projects.
When you are working with security scanners like Nessus, Qualys, Burp, and more, you wil quickly notice that the different scanners don't speak the same language. Fields may have different names and data is often organized differently within a scan. And, you can bet that none of these scanners speak the language of your report template.
In order to get everyone on the same page, we're going to use the Mappings Manager to "translate" for us. The goal is to have every tool output translated into the "language" that your report template is looking for.
When you're working with a custom report template, you'll need to do a some setup to configure the Mappings Manager before you upload your tool output.
Dradis will now check your Mappings Manager setup for that output file type against your report template configuration.
When working with the Mappings Manager, the Rules Engine, and a custom report template, there are several important details to keep in mind.
#[Title]#
) will be created and the data from the tool (e.g. {{ nessus[report_item.plugin_name] }}
) will be put underneath the correct fields.{{ nessus[report_item.severity] }}
source field available but you have not mapped that field in your Mappings Manager, this field and data will not be accessible downstream in the Rules Engine or in your Dradis project.The graphic below gives a visual overview of this process. The tool output moves left to right through the upload process, the Mappings Manager, and the Rules Engine before being added into your Project.
For more details on the concepts covered in this guide, please check out the Mappings Manager guide and the the Rules Engine guide.
The flow for tool output in CSV format is slightly different. For more details on CSV uploads, see the Upload and work with CSV files guide.
Next help article: Upload and work with CSV files →
Your email is kept private. We don't do the spam thing.