Address common ingestion issues by validating SARIF schema compliance, checking repository identifiers, and ensuring file paths are relative to the project root.
Symptom | Cause | Resolution |
|---|---|---|
SARIF validation returns | The SARIF file does not conform to the SARIF 2.1.0 schema. | Verify the SARIF file structure against the SARIF format requirements. Ensure the |
SARIF validation returns | The SARIF file is structurally valid but missing optional fields. | Review the validation warnings. Add missing optional fields (severity level, rule description, CWE tags) to improve finding quality. The file can be uploaded in the current state |
Upload returns | The collector credentials (Token ID or API Token) are invalid or expired. | Edit the collector in → → to regenerate the API credentials. Update the credentials in the CI/CD pipeline configuration |
Upload returns | The request body is not valid JSON or does not conform to the SARIF schema. | Validate the SARIF file using the validation endpoint before uploading. Ensure the Content-Type header is set to |
Findings do not appear after upload | The | Verify the repository asset ID in → → → . Ensure the repository is onboarded and active |
Findings do not appear after upload | The | Verify the branch name matches the branch naming convention used in the Cortex Cloud repository configuration |
Findings appear but lack severity | The SARIF file does not include the | Add the |
Findings appear but lack CWE classification | The SARIF file does not include CWE tags in the rule properties. | Add CWE identifiers (e.g., |
CI/CD pipeline fails after collector deletion | The deleted collector credentials are still referenced in the pipeline configuration. | Create a new collector instance, generate new credentials, and update the CI/CD pipeline configuration with the new credentials |