Creating a Custom Rule Based on the Files Associated with Inventory in the Analysis Workbench
During the auditing process for a project, you might find that one or more codebase files that are evidence of a specific third-party or OSS component are not being associated with inventory in your project. You must manually fix the situation—either by updating the existing inventory item to include the associated files or by creating the missing inventory item associated with the files.
The Analysis Workbench enables you to create a custom detection rule based on the file criteria of the inventory item that you had to create or update. Because you are creating this rule within the context of an existing inventory item, most of the fields that define the rule are pre-populated with details from the item, including the MD5 value for each file currently associated with the inventory item.
Refer to Creating a Custom Detection Rule Within Context of an Inventory Item for further instructions.
To create the rule based on an existing inventory item, the inventory item Type must be Component.