Upload and work with CSV files

This page contains:

The Process

Working with CSV output is slightly different from working with other tool output file formats in Dradis. Unlike other tool integrations, you can not use the Plugin Manager or the Rules Engine with CSV output.

Mapping the columns of the CSV output to your desired project fields is therefore on a per-file basis. Other than that, the process is similar to working with other tool output.

Uploading a CSV file to a project

For this section we will assume you are uploading a CSV file to a project which you have not associated with a report template.

  1. Within a Dradis Project, navigate to Upload in the header and select the Dradis::Plugins::CSV file type from the dropdown. Next, select the CSV file you want to upload.

  2. You will be redirected to a page where you can set the mapping of fields from the CSV file to your project.

    You can select Issue ID, Issue Field, Evidence Field, or Node as fields to use, or you can choose Do Not Import if you do not want this field to import into your project.

    • Issue ID is for a unique identifier for each Issue from the CSV file, for a plugin_id field in your project.

    • Issue Field creates a field for each Issue in the file. For example, a Description field in your CSV file will be mapped to a Description field in your project for each Issue.

    • Evidence Field creates a field for each piece of Evidence for Issues in the file. For example, a Port field in your CSV file will be mapped to a Port field in your project for each piece of Evidence.

    • Node creates a Node label for each piece of Evidence for Issues in the file.

  3. Once you have mapped all the fields, click the Import CSV button to upload your CSV file.

  4. Marvel at the magic and at how the freshly imported Issues and Evidence match the format that you configured.

Integrating a CSV file with a report template

Now let's look at the flow when you are uploading a CSV file to a project that is associated with a report template.

  1. Create or edit a project so that it is associated with a report template with its Report Template Properties set. Within the Dradis Project, navigate to Upload in the header and select the Dradis::Plugins::CSV file type from the dropdown. Next, select the CSV file you want to upload.

  2. You will be redirected to a page where you can set the mapping of fields from the CSV file to your project.

    As above, you can select Issue ID, Issue Field, Evidence Field, or Node as fields to use, or you can choose Do Not Import if you do not want this field to import into your project.

    • Issue ID is for a unique identifier for each Issue from the CSV file, and will populate a plugin_id field in your project.

    • Issue Field populates a field for each Issue in the file. The dropdown field on the right lets you pick a field from the Report Template Properties to map your CSV file's data to. For example, your CSV file might have a column for Severity that you want to map to a Risk field in your project for each Issue.

    • Evidence Field creates a field for each piece of Evidence for Issues in the file. For example, a Port field in your CSV file could be mapped to a Location field in your project for each piece of Evidence. From the dropdown to the right, you can pick a field from the Report Template Properties to map the CSV data to. In case you don't have any Evidence fields set in your Report Template Properties, but still want to import Evidence data to your project, the dropdown button will default to creating a field for each piece of Evidence that matches the field's column name in the CSV file.

    • Node creates a Node label for each piece of Evidence for Issues in the file.

  3. Once you have mapped all the fields, click the Import CSV button to upload your CSV file.

  4. Marvel at the magic and at how the freshly imported Issues and Evidence match the format that you configured.

Next help article: Search your project →

Streamline InfoSec Project Delivery

Learn practical tips to reduce the overhead that drags down security assessment delivery with this 5-day course. These proven, innovative, and straightforward techniques will optimize all areas of your next engagement including:

  • Scoping
  • Scheduling
  • Project Planning
  • Delivery
  • Intra-team Collaboration
  • Reporting and much more...

Your email is kept private. We don't do the spam thing.