Documentation Nexus IQ Server 1.27

Our documentation site has moved. For the most current version, please see http://help.sonatype.com

11.4. Viewing Component Details

As components are used across various applications, and then evaluated, it is very likely some of those components will violate your policies. The Component Detail page presents the known coordinates for the component and then below this, all violations that have been found. These are organized by application. In addition, risk information for each component is provided.

You can click a component in either the Violations view or Components view to open the Component Details page.

figs/web/clm-server-dashboard-component-detail-page.png

Figure 11.8. Component Details Page


Similar to previous views, separate columns display pertinent information related to the component and violations associated with each application it is used in. These are described in additional detail below.

Application
The name of application, preceded by its parent organization.
Share of Risk

The share of risk is displayed as a total for the application, as well as a breakdown for each violated policy.

For the Application
This is the percentage of risk for the displayed component in relation to a specific application. It is calculated by taking the sum of the threat levels for policies an application is evaluated against (and the component has violated), and then dividing by the sum of threat levels for all policies violated across all applications displayed.
For the Policy
This is the percentage of risk for a particular policy violation as it relates to the total risk for the component. It is calculated by taking the threat level of the violated policy, and dividing it by the sum of the threat levels for all violated policies for the displayed component and applications.
Risk
Risk represents the sum of the threat levels for the policies the component has violated.
Stages

Each stage is represented by a column. The amount of time that has passed since discovery of the component in violation of a policy will be displayed in the corresponding column. Abbreviations for time is as follows:

  • min = minute
  • h = hour
  • d = day
  • m = month
  • y = year

If any actions were taken in the stage (i.e. warn or fail), an icon will be displayed. Only the stages which your IQ Server is licensed for will appear.

[Tip]

You can click a violation’s time stamp to open the most recent Application Composition Report.