> For the complete documentation index, see [llms.txt](https://docs.xygeni.io/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.xygeni.io/xygeni-products/application-security-posture-management-aspm/importing-reports-from-3rd-party-tools/inventory-report-import.md). # Inventory Report Import Cloud asset inventory — the workloads, containers, serverless functions, VPCs and managed services in your cloud accounts. Inventory imports give Xygeni the asset graph that other findings (IaC misconfig, SAST, SCA) can then be correlated against. ## How to import a report 1. **Download** and configure the CLI Scanner. See [these guidelines](https://docs.xygeni.io/xygeni-scanner-cli/xygeni-cli-overview/xygeni-cli-installation). 2. Use the xygeni **report-upload command**: **Convert + upload** (a report file produced by the tool): ```bash xygeni report-upload -n= --report="path/to/report_file" -f= [--branch="branch"] ``` **Pull** (where supported — see the [Pull mode](#pull-mode) section below): ```bash xygeni report-upload -n= --pull -f= [--filter key=value] ``` 3. Move to the [**Xygeni dashboard**](https://in.xygeni.io) to see the results. ## Supported formats | Format | Tool | Description | | ------------------------ | ------------ | ------------------------------------------------------ | | `inventory-trivy-k8s` | Trivy | Trivy Kubernetes cluster inventory, in JSON format | | `inventory-prisma-cloud` | Prisma Cloud | Prisma Cloud cloud resources inventory, in JSON format | | `inventory-wiz-cnapp` | Wiz CNAPP | Wiz CNAPP cloud resources inventory, in JSON format | ## Pull mode The following formats also support [pull mode](/xygeni-products/application-security-posture-management-aspm/importing-reports-from-3rd-party-tools/pull-mode-fetch.md) — the scanner calls the tool's API directly instead of reading a report file from disk: | Format | Tool | Auth | | ------------------------ | ------------ | ------------------------------------------------------------------------------------- | | `inventory-prisma-cloud` | Prisma Cloud | Custom `/login` token (Prisma `x-redlock-auth`) — uses the RQL config-search endpoint | | `inventory-wiz-cnapp` | Wiz CNAPP | OAuth2 client credentials with `audience=wiz-api` | See [Pull-mode fetch](/xygeni-products/application-security-posture-management-aspm/importing-reports-from-3rd-party-tools/pull-mode-fetch.md) for the per-tool walkthrough (env-var setup, selectors, filters). ## Dashboard results If the entered name matches an existing project, the assets in the report will be linked to that project. If the project does not exist, a new project will be created. Cloud resources from the inventory feed populate the [Inventory](/xygeni-products/application-security-posture-management-aspm/inventory.md) section of the ASPM UI; correlation with other findings (IaC, SAST, SCA) happens automatically as those findings reference the same provider unique IDs. --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.xygeni.io/xygeni-products/application-security-posture-management-aspm/importing-reports-from-3rd-party-tools/inventory-report-import.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.