trivy client
Client mode
Subcommands
Name | Description |
---|---|
--template, -t | Output template [$TRIVY_TEMPLATE] |
--format, -f | Format (table, json, sarif, template) (default: "table") [$TRIVY_FORMAT] |
--severity, -s | Severities of vulnerabilities to be displayed (comma separated) (default: "UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL") [$TRIVY_SEVERITY] |
--output, -o | Output file name [$TRIVY_OUTPUT] |
--exit-code | Exit code when vulnerabilities were found (default: 0) [$TRIVY_EXIT_CODE] |
--clear-cache, -c | Clear image caches without scanning [$TRIVY_CLEAR_CACHE] |
--vuln-type | Comma-separated list of vulnerability types (os,library) (default: "os,library") [$TRIVY_VULN_TYPE] |
--security-checks | Comma-separated list of what security issues to detect (vuln,config) (default: "vuln") [$TRIVY_SECURITY_CHECKS] |
--ignorefile | Specify .trivyignore file (default: ".trivyignore") [$TRIVY_IGNOREFILE]] |
--timeout | Timeout (default: 5m0s) [$TRIVY_TIMEOUT] |
--ignore-policy | Specify the Rego file to evaluate each vulnerability [$TRIVY_IGNORE_POLICY] |
--list-all-pkgs | Enabling the option will output all packages regardless of vulnerability (default: false) [$TRIVY_LIST_ALL_PKGS] |
--cache-backend | Cache backend (e.g. redis://localhost:6379) (default: "fs") [$TRIVY_CACHE_BACKEND] |
--no-progress | Suppress progress bar [$TRIVY_NO_PROGRESS] |
--offline-scan | Do not issue API requests to identify dependencies [$TRIVY_OFFLINE_SCAN] |
--skip-files | Specify the file paths to skip traversal [$TRIVY_SKIP_FILES] |
--skip-dirs | Allow insecure server connections when using SSL [$TRIVY_INSECURE] |
--severity, -s | Severities of vulnerabilities to be displayed (comma separated) (default: "UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL") [$TRIVY_SEVERITY] |
--input, -i | Input file path instead of image name [$TRIVY_INPUT] |
--ignore-unfixed | Display only fixed vulnerabilities [$TRIVY_IGNORE_UNFIXED] |
--insecure | Allow insecure server connections when using SSL [$TRIVY_INSECURE] |
--removed-pkgs | Detect vulnerabilities of removed packages (default: false) [$TRIVY_REMOVED_PKGS] |
--output, -o | Output file name [$TRIVY_OUTPUT] |
--config-policy | Specify paths to the Rego policy files directory, applying config files [$TRIVY_CONFIG_POLICY] |
--skip-files | Specify the file paths to skip traversal [$TRIVY_SKIP_FILES] |
--skip-dirs | Allow insecure server connections when using SSL [$TRIVY_INSECURE] |
--token | For authentication in client/server mode [$TRIVY_TOKEN] |
--token-header | Specify a header name for token in client/server mode (default: "Trivy-Token") [$TRIVY_TOKEN_HEADER] |
--custom-headers | Custom headers in client/server mode [$TRIVY_CUSTOM_HEADERS] |
--remote | Server address (default: "http://localhost:4954") [$TRIVY_REMOTE] |