This guide explains how to use the finding counter token in reports using a query string-like syntax.
Basic Structure
The token uses URL-style parameters separated by & characters. For example:
{Finding_Count?setting.filter.type=Vulnerability&setting.filter.status=FalsePositive}
This will be replace by the number of Findings, of type Vulnerability and status equal to False Positive.
Configuration Sections
1. Filtering
As this token only outputs a number, the only configurable section is the filter:
setting.filter.type=Vulnerability,Observation&
setting.filter.status=ReadyRetest,PendingFix&
setting.filter.severity=Critical,High&
setting.filter.labels=Security,PCI-DSS&
Examples
Count of findings per Label
{Finding_Count?setting.filter.labels=<labels>}
Count of "Critical" severity vulnerabilities per Label
{Finding_Count?setting.filter.type=Vulnerability&setting.filter.severity=Critical&setting.filter.labels=<labels>}
Count of findings type observation
{Finding_Count?setting.filter.type=Observation}