Evidence content control
This page contains:
- A concrete example
- The Evidence control in your template
- The Evidence Label control
- Evidence field placeholders
- The importance of consistency
- Filtering your Evidence
The Evidence content control is a special control that tells the reporting engine to repeat a given section of the report for each piece of Evidence associated with a vulnerability.
If you haven't done so yet, now would be a good time to review the Adding issues and evidence section of the Working with projects manual.
A concrete example
We're going to use the same example we used in the Adding issues and evidence section.
An Out-of-date Apache vulnerability that affects 2 different hosts (port tcp/80 in host 10.0.0.1 and ports tcp/80 and tcp/443 in 10.0.0.2).
This means our Dradis project will have:
- One issue: Out-of-date Apache
- Two nodes:
10.0.0.1and10.0.0.2 - Three pieces of evidence:
- One for
10.0.0.1, porttcp/80 - One for
10.0.0.2, porttcp/80 - One for
10.0.0.2, porttcp/443
- One for
The Evidence control in your template
The Evidence control is a wrapping control (i.e. it is used to enclose other template content). We're going to start by creating a Label placeholder and wrapping it into an Evidence control:
The Evidence content control must be applied within an Issue content control, otherwise there is no context for it and the Evidence will not populate in the exported report.
If you haven't done so yet, now would be a good time to review the Issue Content Control section of this guide.
Exporting our report right now would result in the following:
We can see that the reporting engine is working as expected, repeating the section of the report enclosed by the Evidence control for each of the pieces of Evidence we've got in the project.
The Evidence Label control
As you just saw, the Label control can be used inside an Evidence control to display the label of the node associated with the Evidence.
This is especially useful when you have multiple instances of a problem, with code or screenshots in them. By adding the Label control you can easily see where one instance ends and the next one starts.
Evidence field placeholders
The Evidence wrapping control works in the same way the other wrapping controls we've seen so far (i.e. Issue and Note) and lets us create placeholders for the fields defined in your content.
For example, lets enhance our template to contain placeholders for the Port and Details fields:
The importance of consistency
Right now our template is expecting that each piece of Evidence in your project contains a Port and a Details fields.
That's easy enough to get right, but it is up to you to ensure you remember that your template is going to look for this fields.
Lets go ahead and add the first piece of evidence:
If you're wondering how to get that grey background block, feel free to jump ahead to the Code blocks section of the manual, we'll wait for you here.
Adding the other instances of Evidence to the project and exporting results in:
You can see how the Port and Details placeholders have been populated with the relevant information for each Evidence in our project.
Filtering your Evidence
Evidence content control can be filtered to allow you to further customize your reports. For more on the different options, check out the Filtering and Sorting page of this guide.
Next help article: Affected content control →