Skip to content

Exporting scan results

The Johnny console agent supports exporting scan results in several formats. This allows to adapt reporting to various needs, including integration with vulnerability management systems.

Available report formats

  • coloredtable – colored table in the console. Default format;
  • table – simple table;
  • text – text report;
  • junit – used in CI/CD (Jenkins, GitLab CI, GitHub Actions);
  • sarif – unloaded to DefectDojo, CodeQL, Semgrep;
  • csv – used in BI systems, Excel, Pandas, SQL;
  • gl-dependency-scanning-report – report format for GitLab Dependency Scanning;
  • gl-code-quality-report – report format for GitLab Code Quality.

Usage example

If necessary, you can specify multiple formats, separating them with commas, for example:

./johnny scan file path/to/file \
--api_token <api_token> \
--api_url <api_url> \
--format coloredtable,junit>>junit.xml

In this example, the output will be in the coloredtable format to the console, and also saved to the junit.xml file in the junit format.