TABLE OF CONTENTS

• Overview
• scan
• import
  • Command syntax
  • Output response
• register-all
• version
  • Command syntax
  • Output response
• daemon
• Command flags

Overview

This topic explains all the scanner command syntax and different parameters passed through the image scanning Command Line Interface (CLI).

The Aqua scanner CLI supports the following arguments:

• scan
• import
• register-all
• version
• daemon

scan

scan argument is used to run singular scans or ad-hoc scans. While attempting to run scans, you should pass argument scan with the appropriate flags for the scan logistics. For more information on the usage of scan command and the associated flags, refer to Scan Argument.

import

This section explains the import command passed through the image scanning Command Line Interface (CLI). This command imports the results of a scan (already performed) as a JSON file from one Aqua platform to another. After scan, the image will be registered in Aqua as a result. To import a file, the original scan must include the --registry flag, even if the image is scanned locally. Importing a scan result allows only through the .json files.

After an image is scanned using Scanner CLI by evaluating custom Image Assurance Policies in an Aqua Server, if you want to import scan results of this image to another Aqua Server, you should configure the same Image Assurance Policy (with same Policy name and controls) in the target Aqua Server.

Command syntax

docker run -v /var/run/docker.sock:/var/run/docker.sock -v /tmp:/tmp registry.aquasec.com/scanner:6.5 import -H http://aqua-server:8080 --token <Aqua_scanner_token> /tmp/scanresult.json [flags]

Note: The file path and file name shown above are just for reference only. You should specify the correct path and file name to get success.

Output response

2021-04-09 09:47:48.065 INFO    Logger started with level INFO
2021-04-09 09:47:48.185 INFO    Registering with server {"os": "linux", "os_version": "", "registries": []}
2021-04-09 09:47:48.296 INFO    Successfully registered {"scanner_id": 18}
2021-04-09 09:47:48.298 INFO    Trying to send results to console
2021-04-09 09:47:48.412 INFO    Successfully dispatched image scan results      {"imageName": "alpine:latest"}
2021-04-09 09:47:48.412 INFO    Scan results successfully imported

register-all

This section explains the register-all command syntax passed through the image scanning Command Line Interface (CLI). register-all command scans and registers all images from a specific registry.

Give an introduction to the topic of this How-to article. For example, let's consider that this article explains how to use article template

Specifying the -d flag will leave the scanner running to keep scanning and registering new images that appear in the specific registry.

docker run -v /var/run/docker.sock:/var/run/docker.sock registry.aquasec.com/scanner:6.5 register-all "Registry name" -H http://aqua-server:8080 --token <Aqua_scanner_token> [flags]

docker run registry.aquasec.com/scanner:6.5 version [flags]

2021-11-10 10:08:35.298 INFO    Logger started with level INFO
scannercli version 5.5.21308, compiled Nov 10 2021 21:23:50