Skip to content

Exporting scan results

The Johnny console agent supports exporting scan results in various formats. This allows to adapt reporting to different needs, including integration with vulnerability management systems.

Available report formats

  • coloredtable – colored table in the console. Default format;
  • table – simple table;
  • text – text report;
  • junit – used in CI/CD (Jenkins, GitLab CI, GitHub Actions);
  • sarif – unloaded to DefectDojo, CodeQL, Semgrep;
  • csv – used in BI systems, Excel, Pandas, SQL;
  • gl-dependency-scanning-report – report format for GitLab Dependency Scanning;
  • gl-code-quality-report – report format for GitLab Code Quality;
  • gl-secrets-report – report format for GitLab Secret Detection.

Usage example

If necessary, you can specify multiple formats, separating them with commas, for example:

./johnny scan file path/to/file \
--api_token <api_token> \
--api_url <api_url> \
--format "coloredtable, junit>>junit.xml"

In this example, the output will be in the coloredtable format to the console, and also saved to the junit.xml file in the junit format.