hawkeyesec / scanner-cli

A project security/vulnerability/risk scanning tool

Question: Possible to write output to file rather than stdout #13

Closed dspringer closed 6 years ago

dspringer commented 7 years ago

Hey, sorry for constantly bugging you, and I wish I could file this with a questions label, rather than issue, but here goes:

How do I output the table to a file rather than stdout? Is there a flag, like -j, that I can use to output to a simple .txt file, considering the table is much more readable than the json file?

docker run --rm -v /home/user/jenkins/workspace/Hawkeye-Scan:/target stono/hawkeye scan -j hawkeye.json > hawk.txt

Result:

cat hawk.txt
[info] Welcome to Hawkeye v0.14.12!

[info] File Contents dynamically loaded
[info] Entropy dynamically loaded
[info] Example Module dynamically loaded
[info] Secret Files dynamically loaded
[info] Node Constant Hashtable Seed check dynamically loaded
[info] Node CrossEnv malware check dynamically loaded
[info] Node Check Updates dynamically loaded
[info] Node Security Project dynamically loaded
[info] Bundler Scan dynamically loaded
[info] Exclusion patterns: ^node_modules/, ^.git/, ^.git-crypt/, package-lock.json
[info] git repo detected, will only use git tracked files
[info]  -> git ls-tree --full-tree --name-only -r HEAD
[info] Files excluded by exclusion patterns: 0
[info] Files included in scan: 160
[info] Target for scan: /target
[info] Running module File Contents
[info] Running module Secret Files
[info] Running module Node CrossEnv malware check
[info] Running module Node Check Updates
[info]  -> /hawkeye/node_modules/npm-check-updates/bin/ncu -j
[info] Running module Node Security Project
[info]  -> /hawkeye/node_modules/nsp/bin/nsp check -o json
[info] Not Handling Bundler Scan
[info] scan complete, 45 issues found

[info] Doing writer: console

Stono commented 7 years ago

Hey, No worries mate :)

There isn't a way through the app to do that, but you could just make funky use of stdio as the table is written to stderr.

Try: (hawkeye scan >/dev/null) 2>&1

dspringer commented 7 years ago

Got it. Thanks! Do you intend to have this kind of functionality in the future? Or is this the way it will have to be going forward? I can close this issue now if you'd like.

For those who need this answer in the future, what worked for me is: docker run --rm -v /home/user/jenkins/workspace/Hawkeye-Scan:/target stono/hawkeye scan -j hawkeye.json > hawk.txt 2>&1

edit: this actually eats my json file, and therefore doesn't work as expected. I would need to run it once to create the json file, and then another time to create the .txt file

Stono commented 7 years ago

Hey, I wasn't planning on doing it, but let's leave the issue open to see if others are interested.

BTW you can pretty much extract the table doing something like this:

19:14:21 $ (hawkeye scan > /dev/null) 2>&1 | tail -n +3
high    Module is one or more major versions out of date  td.core          Update to 1.0.140
high    Module is one or more major versions out of date  should           Update to 13.1.0
medium  Module is one or more minor versions out of date  newrelic         Update to 2.2.1
medium  Module is one or more minor versions out of date  js-yaml          Update to 3.10.0
medium  Module is one or more minor versions out of date  mocha            Update to 3.5.3
medium  Module is one or more minor versions out of date  deride           Update to 1.2.0
low     Module is one or more patch versions out of date  restify-clients  Update to 1.5.1

[info] Scan complete

dspringer commented 7 years ago

yeah, but I still can't redirect the table to a file AND get the writer to give me a json, even though it explicitly says that: [info] json results saved to hawkeye.json

dspringer commented 7 years ago

UPDATE, here's my solution.

docker run --rm -v /home/user/jenkins/workspace/Hawkeye-Scan:/target stono/hawkeye scan -j hawkeyeResults.json -f critical 2>&1 | tee hawkeyeResults.txt

Note: it may not need tee, but that's what I tried

felixhammerl commented 6 years ago

I will add that to the README and close the issue for now, if that's ok.

felixhammerl commented 6 years ago

See: https://github.com/hawkeyesec/scanner-cli/commit/1d9bf6be7c4e09b51945d16613aad75925172771
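
The stream handling discussed in this thread, as an added example that is not part of the original issue or the project's code. `fake_scan` is a constructed stand-in that follows the behaviour described above ([info] lines on stdout, findings table on stderr), and all function names are hypothetical.

```shell
# Constructed stand-in for the scanner (not hawkeye itself): as described in
# the thread, [info] log lines go to stdout and the findings table to stderr.
fake_scan() {
  echo "[info] Running module Node Check Updates"
  echo "high    Module is one or more major versions out of date  should           Update to 13.1.0" >&2
  echo "medium  Module is one or more minor versions out of date  mocha            Update to 3.5.3" >&2
  echo "low     Module is one or more patch versions out of date  restify-clients  Update to 1.5.1" >&2
  echo "[info] scan complete, 3 issues found"
}

# Table to one file, log to another: each stream gets its own redirection,
# so neither one ends up mixed into the other.
split_streams() {  # $1 = table file, $2 = log file
  fake_scan >"$2" 2>"$1"
}

# Table only. Redirections apply left to right: 2>&1 first points stderr at
# wherever stdout currently goes (file, pipe or terminal), then >/dev/null
# moves stdout away. Same effect as (cmd >/dev/null) 2>&1.
table_only() {
  fake_scan 2>&1 >/dev/null
}

# Reversed order: stdout goes to /dev/null first, then stderr follows it,
# so the table is discarded as well.
table_lost() {
  fake_scan >/dev/null 2>&1
}

# Count findings of one severity in a saved table. Assumes the severity is
# the first whitespace-separated column, as in the sample output above.
count_severity() {  # $1 = table file, $2 = severity
  awk -v s="$2" '$1 == s { n++ } END { print n + 0 }' "$1"
}

# Demo: save both streams, then report how many "high" findings were saved.
demo_dir=$(mktemp -d)
split_streams "$demo_dir/table.txt" "$demo_dir/log.txt"
echo "high findings: $(count_severity "$demo_dir/table.txt" high)"
```

Keeping the table in its own file means a CI job can archive it and evaluate severity counts without parsing the log lines.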