# Direct use of Auditor

If you are using Auditor **without** the AppSec Portal, **directly**: 

1. **Preconfigure Auditor**

if you are using your own images for job (scanners), [**preconfigure**](https://docs.whitespots.io/auditor/features/settings/direct-use-of-the-auditor/docker-credentials) Auditor 

2. **Create pipeline**

On the dashboard page click on <img src="https://3069717380-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M81VrXQrfSaYjNIFOtt%2Fuploads%2FOutmGe4APZNIM1YpUaSJ%2Fimage.png?alt=media&#x26;token=0e490583-73af-4bab-acef-4e08b5178599" alt="" data-size="line"> button

<figure><img src="https://3069717380-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M81VrXQrfSaYjNIFOtt%2Fuploads%2FNF8YoRNHc8yPxLMbcRqJ%2Faudit1.png?alt=media&#x26;token=60b86124-7ad1-4b9d-889d-eddc05635c71" alt=""><figcaption></figcaption></figure>

3. **Add Jobs**

Click on the **Jobs** field and create a sequence of jobs (scanners) by selecting the required jobs from the drop-down list&#x20;

Scanning will be performed sequentially based on the selected set of jobs

<figure><img src="https://3069717380-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M81VrXQrfSaYjNIFOtt%2Fuploads%2F4EuCaJ8RBpBdnxi7Rvdi%2Frun%202.png?alt=media&#x26;token=a7945b28-57a7-4246-8921-cdc0d63b834f" alt=""><figcaption></figcaption></figure>

4. **Add environment variables**

The variables **require** you to specify information about your product and its location&#x20;

| Name                                                 | Description                                                                                                                        |
| ---------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------- |
| <mark style="color:blue;">`PRODUCT_NAME`</mark>      | name of your product                                                                                                               |
| <mark style="color:blue;">`PORTAL_IMPORT_URL`</mark> | address where reports will be sent (delivery point)                                                                                |
| <mark style="color:blue;">`PORTAL_TOKEN`</mark>      | credentials for delvery point                                                                                                      |
| <mark style="color:blue;">`REPOSITORY`</mark>        | URL of the cloned repository to be scanned, where the **code** will be checked in                                                  |
| <mark style="color:blue;">`DOCKER_IMAGE`</mark>      | reference to a list of your docker **images**, e.g. *registry.gitlab.com/whitespots-public/appsec-portal/back/appsecportal:latest* |
| <mark style="color:blue;">`DOMAIN`</mark>            | domain of your **web** product                                                                                                     |
| <mark style="color:blue;">`HOST`</mark>              | IP address of your **web** product                                                                                                 |

Optionally you can specify other variables that you need to set

<figure><img src="https://3069717380-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M81VrXQrfSaYjNIFOtt%2Fuploads%2F8PIAlOXKBZvB8jtNcsg2%2Frun%203.png?alt=media&#x26;token=8ad6af7c-ef83-4ae7-87d6-7f2ade718bcf" alt=""><figcaption></figcaption></figure>

5. **Run pipline**

Click Run pipeline

The scanning of your product will commence.\
After all the jobs in your pipeline have finished their work, the status of the Pipeline will change from     **`In progress`** to **`Finished`**

<figure><img src="https://3069717380-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M81VrXQrfSaYjNIFOtt%2Fuploads%2Fcjl6CILpPhK2IeYTbBL2%2Faudit6(1).png?alt=media&#x26;token=0fe5e22a-e2c0-4155-930d-5854a5542957" alt=""><figcaption></figcaption></figure>

6. **Get Results**

At the location specified by the environment variable (PORTAL\_URL), retrieve reports from each scanner in your pipeline

Clicking on a pipeline provides information about the Jobs in it, as well as Logs for each of them

<figure><img src="https://3069717380-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M81VrXQrfSaYjNIFOtt%2Fuploads%2Fd6calJ7skjn4KLjcp6xI%2Faudit3.png?alt=media&#x26;token=79811e96-d7f5-46cd-9a51-5b2b8f74352b" alt=""><figcaption></figcaption></figure>

You can bulk delete all pipelines by clicking on the button <img src="https://3069717380-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M81VrXQrfSaYjNIFOtt%2Fuploads%2FB2LrbzvFRdoVEqa7F3Bl%2Fimage.png?alt=media&#x26;token=12a89e5c-cb64-4f61-9962-b8ed4b73874a" alt="" data-size="line">

<figure><img src="https://3069717380-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M81VrXQrfSaYjNIFOtt%2Fuploads%2FeeHxaM5pOKcl2cTwVFUR%2Faudit2.png?alt=media&#x26;token=2c98fd26-1e4a-4414-9276-15fbbe1f7473" alt=""><figcaption></figcaption></figure>

{% hint style="success" %}
When scanning a code with Auditor, if the code is not loaded by the technical scanner, the pipelines are automatically killed.
{% endhint %}

You can also filter the available pipelines by clicking on the filter button in the right panel. \
You can filter your results by Job name and/or status

<figure><img src="https://3069717380-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M81VrXQrfSaYjNIFOtt%2Fuploads%2FLY1eMNU4HTVPkpYDX9lI%2Fauditor%20filter%201.png?alt=media&#x26;token=b301c537-f7ce-4ae0-9331-504471332348" alt=""><figcaption></figcaption></figure>