Search syntax

To indicate the type of comparison to perform for a search in the Fortify Remediation window, wrap the search terms with delimiters. The following table shows the syntax to use for the search string.

| Comparison | Description |
|---|---|
| contains | Searches for a term without any qualifying delimiters |
| equals | Searches for an exact match if the term is wrapped in quotation marks ("") |
| number range | Searches for a range of numbers using the standard mathematical interval notation of parentheses and/or brackets to indicate whether the endpoints are excluded or included, respectively. Example: (2,4] indicates greater than two and less than or equal to four |
| not equals | Excludes issues specified by the string by preceding the string with an exclamation character (!). Example: file:!Main.java returns all issues that are not in Main.java. |

You can further qualify search terms with modifiers. The syntax for using a modifier is <modifier>:<search_term>. For more information, see Search Modifiers.

A search string can contain multiple modifiers and search terms. If you specify more than one modifier, the search returns only issues that match all the modified search terms. For example, file:ApplicationContext.java category:SQL Injection returns only SQL injection issues found in ApplicationContext.java.

If you use the same modifier more than once in a search string, then the search terms qualified by those modifiers are treated as an OR comparison. For example, file:ApplicationContext.java category:SQL Injection category:Cross-Site Scripting returns SQL injection issues and cross-site scripting issues found in ApplicationContext.java.
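The following Python sketch models the comparison and modifier rules described above so their effect on a result set can be checked. It is an added example, not Fortify code: the issue records are constructed, the `confidence` field and case-insensitive matching are assumptions, and only modifier-qualified terms are handled.

```python
import re

# Constructed sample issues. "file" and "category" are the modifiers used on
# this page; "confidence" is an assumed numeric field for the range comparison.
ISSUES = [
    {"file": "ApplicationContext.java", "category": "SQL Injection", "confidence": 3},
    {"file": "ApplicationContext.java", "category": "Cross-Site Scripting", "confidence": 4},
    {"file": "ApplicationContext.java", "category": "Path Manipulation", "confidence": 2},
    {"file": "Main.java", "category": "SQL Injection", "confidence": 5},
]

MODIFIER = re.compile(r"(?:^|\s)(\w+):")
RANGE = re.compile(r"([\[(])\s*(-?\d+(?:\.\d+)?)\s*,\s*(-?\d+(?:\.\d+)?)\s*([\])])")

def parse(query):
    """Group terms by modifier; a term runs up to the next <modifier>: token."""
    marks = list(MODIFIER.finditer(query))
    groups = {}
    for i, m in enumerate(marks):
        end = marks[i + 1].start() if i + 1 < len(marks) else len(query)
        groups.setdefault(m.group(1), []).append(query[m.end():end].strip())
    return groups

def term_matches(term, value):
    """Apply the comparison selected by the term's delimiters to one field value."""
    if term.startswith("!"):                              # not equals
        return not term_matches(term[1:], value)
    r = RANGE.fullmatch(term)
    if r and isinstance(value, (int, float)):             # number range
        lo, hi = float(r.group(2)), float(r.group(3))
        above = value > lo if r.group(1) == "(" else value >= lo
        below = value < hi if r.group(4) == ")" else value <= hi
        return above and below
    if len(term) >= 2 and term[0] == term[-1] == '"':     # equals
        return str(value).lower() == term[1:-1].lower()
    return term.lower() in str(value).lower()             # contains

def search(query, issues=ISSUES):
    """AND across different modifiers, OR across repeats of the same modifier."""
    groups = parse(query)
    return [issue for issue in issues
            if all(any(term_matches(t, issue.get(mod, "")) for t in terms)
                   for mod, terms in groups.items())]

if __name__ == "__main__":
    for q in ("file:ApplicationContext.java category:SQL Injection",
              "file:ApplicationContext.java category:SQL Injection category:Cross-Site Scripting",
              "file:!Main.java", "confidence:(2,4]", 'category:"SQL"'):
        print(q, "->", [(i["file"], i["category"]) for i in search(q)])
```

Because repeated modifiers widen the result set while additional distinct modifiers narrow it, a filter built for triage is worth checking against a known set of issues before relying on it to hide findings.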

For complex searches, you can also insert the AND or the OR keyword between your search queries. Note that AND and OR operations have the same priority in searches.