Using Filter Files

You can use a file to filter out specific vulnerability instances, rules, and vulnerability categories from the analysis results. If you determine that a certain issue category or rule is not relevant for a particular scan, you can stop Fortify Static Code Analyzer from adding the matching issues to the FPR. Using a filter file can reduce both the scan time and the size of the analysis results file.

For example, if you are scanning a simple program that just reads a specified file, you might not want to see path manipulation issues, because these are not likely planned as part of the functionality. To filter out path manipulation issues, create a file that contains a single line:

Path Manipulation

Save this file as filter.txt. Use the -filter option in the analysis phase as shown in the following example:

sourceanalyzer -b MyProject -scan -filter filter.txt -f MyResults.fpr

The analysis output in MyResults.fpr does not include any issues with the category Path Manipulation. For more information and an example of a filter file, see Excluding Issues with Filter Files.
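
Because filtered issues are never added to the FPR, it helps to check what a filter file contains before the scan runs. The following added example (not part of the Fortify documentation) compares filter.txt against a reviewed allow-list and only then runs the command shown above. The function names and approved-filters.txt are hypothetical, the sample entries are constructed, and it assumes one filter entry per line.

```shell
#!/bin/sh
# Added example: gate a scan on a reviewed filter file.
# Function names and approved-filters.txt are hypothetical.

# Strip CRs and surrounding whitespace, drop blank lines.
normalize_entries() {
    tr -d '\r' < "$1" | sed -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//' -e '/^$/d'
}

# check_filter_file FILTER APPROVED
# Returns 0 if every entry in FILTER is listed in APPROVED,
# 1 if FILTER holds unapproved entries, 2 if a file is unreadable.
check_filter_file() {
    if [ ! -r "$1" ] || [ ! -r "$2" ]; then
        echo "cannot read filter or approved list" >&2
        return 2
    fi
    approved_tmp=$(mktemp) || return 2
    normalize_entries "$2" > "$approved_tmp"
    # -F fixed strings, -x whole line, -v keep lines NOT in the approved list
    extra=$(normalize_entries "$1" | grep -F -x -v -f "$approved_tmp" || true)
    rm -f "$approved_tmp"
    if [ -n "$extra" ]; then
        printf 'Unapproved filter entries:\n%s\n' "$extra" >&2
        return 1
    fi
    return 0
}

# Constructed demo: the filter file suppresses one category nobody approved.
demo_dir=$(mktemp -d)
printf 'Path Manipulation\n' > "$demo_dir/approved-filters.txt"
printf 'Path Manipulation\nSQL Injection\n' > "$demo_dir/filter.txt"
if check_filter_file "$demo_dir/filter.txt" "$demo_dir/approved-filters.txt"; then
    echo "filter file matches the approved list"
else
    echo "scan blocked: review filter.txt"
fi
rm -rf "$demo_dir"

# In a build script, run the scan only when the check passes:
# check_filter_file filter.txt approved-filters.txt &&
#     sourceanalyzer -b MyProject -scan -filter filter.txt -f MyResults.fpr
```

Keeping both files under version control gives reviewers a diff whenever a new category, rule, or instance is suppressed.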