Joval Utilities Quickstart (~15 minutes)

Welcome to the Joval Utilities

The Joval Utilities is a lightweight, standalone assessment engine that provides access to the core capabilities of the Joval Java SDK and Discovery Java SDK via the command line. It’s included in all Enterprise Edition, Developer Edition, and Discovery trials and licenses.

Please follow this guide to deploy the Joval Utilities and run your first scan. It should take about 15 minutes.

Prerequisites

In order to complete this guide, you will need:

  • The Joval Utilities
  • A valid license file (.xml)

If you don’t have these, please register for an evaluation.

Deploy Joval

  1. Create a working directory: joval
  2. Download the Joval Utilities (.zip) and unzip it
  3. Rename the unzipped folder to Joval-Utilities and move it to your working directory
  4. Copy your license file [your-domain].sig.xml to your working directory
  5. Add an empty folder to your working directory: content

Your working directory should now look like this:

joval
     content
     Joval-Utilities
          ...
          Joval-Utilities.jar
          User_Guide.pdf
     [your-domain].sig.xml

Continue from the command line (note: reverse slashes on Windows):

cd [path-to-your-working-directory]

:: Confirm that Java is installed on this device
java -version

:: If you don't have Java, we recommend Java 8:
:: http://www.oracle.com/technetwork/java/javase/downloads/jre8-downloads-2133155.html

:: Confirm successful deployment by viewing command line help 
java -jar Joval-Utilities/Joval-Utilities.jar -?

Note: Joval supports Java 6+, but we currently recommend Java 8 because XML support is less stable in Java 9-11.


Configure & Scan

The Joval Scan Configuration Assistant will guide you through the process of downloading assessment content and creating a scan configuration file. Continue from the command line (note: reverse slashes on Windows):

cd [path-to-your-working-directory]

:: Start the assistant and follow prompts to create your configuration file
java -Dlicense.file=[your-domain].sig.xml -jar Joval-Utilities/Joval-Utilities.jar scan

:: Then, run your scan!
java -Dlicense.file=[your-domain].sig.xml -jar Joval-Utilities/Joval-Utilities.jar scan -c config.ini

:: Review the output files and logs in the configured folders

Next Steps

  • Configure & Scan using alternate scan content and targets
  • Review the User_Guide.pdf in the Joval-Utilities folder for additional configuration options including:
    • Tailoring configuration
    • Gateway & Proxy configuration
    • Scan hosts file configuration
    • File-less configuration via -c -
    • Custom report creation

Questions? Feedback?

Please contact your account executive or reach out here!