Twigs provides a bunch of common options i.e. irrespective of what type of assets are being discovered. These common options are optional as seen below:
twigs [-h] [-v] [--handle HANDLE]
[--token TOKEN] [--instance INSTANCE]
[--run_id RUN_ID][--location LOCATION] [--tag_critical] [--tag TAG]
[--no_auto_tags] [--apply_policy APPLY_POLICY][--sbom SBOM] [--no_scan]
Here is a quick description of these options:
run_id – Specify an unique identifier for this twigs run. Note – this identifier will help you group multiple runs for a specific type of discovery together and these will be shown together in the I3 Portal. If you don’t specify a “run_id”, then discovery “mode” will be used by default.
location – Specify location for discovered asset(s)
tag_critical – Mark the asset(s) as business critical
tag – You can use this option multiple times on the command line to add multiple tags to the asset(s)
no_auto_tags – Disable auto tagging of assets with standard classification tags. Only user specified tags will be applied.
apply_policy – You can use this option to specify name of a policy when you use twigs in your CI/CD pipeline to make policy based decisions like fail the build if any “DoNow” priority vulnerability impacts are discovered or any strong copyleft violations are found. For multiple policies, specify a comma-separated list of policy names.
sbom – Use this option to specify path to a SBOM file to save the asset(s)
no_scan – Indicate that you don’t wish to start a vulnerability assessment for the discovered asset(s)
email_report – Once the vulnerability assessment is done, then you will automatically be emailed a copy of the vulnerability assessment report.
schedule – Run this twigs command at specified schedule (in crontab format)
quiet – Do not display informational messages on the console during twigs run