# Xygeni CLI Output Formats **By default**, if no specific option is provided, `xygeni scan` dumps each command results **in tabular format to the standard output**. ### Output Formats `xygeni scan` allows to specify different **output formats** through `-f |--format` ``` -f, --format= Output format: none, text, markdown, json, csv, sarif (default: [text]) ``` The output formats available are: * `none`, useful for the scanner to emit no output if there are no other output formats specified. * `text`, (**default**) for text table format. * `markdown`, similar to `text` but with the table rendered in Markdown format. * `csv`, comma-separated values (CSV) format with commas as file separator and lines separated by CR + LF characters. * `json`, JSON format. This format is used for uploading results to the platform servers. * `sarif`, SARIF format for exchange with other tools. Useful for importing results into source code managers like GitHub. {% hint style="info" %} **Multiple output formats** could be specified with `-f` or `--format`. {% endhint %} **Format configuration**: Each scan configuration file `conf/xygeni.SCAN.yml` contains a `report` section for configuring each report with each scan results. For example, to choose a different set of columns for the CSV report, you may edit the `columns` field under `-format: csv`. Note: the `--report-columns` option with specific scans may be given to select which columns to export for the csv and text formats. ### Output/report file(s) If you want to send the output to a file you can use `-o|--output` ``` -o, --output= Output file template (filename will be prefixed by 'SCAN.'). Use 'stdout' or '-' for standard output, 'stderr' for standard error. ``` When `-o|--output FILE` option is not provided, the standard output will be used. Otherwise, the output will be done in the FILE specified, creating the intermediate directories when needed. You may use a dash (`-`) or `stdout` for standard output (the default), and `stderr` for the standard error. {% hint style="info" %} When there are multiple scans, FILE will be prefixed with the scan name plus a dot: `SCAN.FILE`. {% endhint %} The report file names produced follow this algorithm: 1. If there is a single format specified, `FILE` will be used unchanged if it is a `FILE` (not existing directory at that location). 2. If there is a single format specified and `FILE` is a directory, a file name with the project name, handled to translate characters not allowed in file name and whitespace to \_ (underscore), and extension the name of the format (text, csv, json, sarif…​). 3. When multiple formats, and `FILE` is not a directory, `FILE` will have the extension removed if any of the format names are replaced for each format. So - when `--format=csv,json,sarif --output=path/my_report.json` the output paths should be (`path/my_report.csv`, `path/my_report.json`, `path/my_report.sarif`), as the extension `.json` matched one of the format names. - with `--format=csv,json,sarif --output=path/my_report.v1` the output paths should be (`path/my_report.v1.csv`, `path/my_report.v1.json`, `path/my_report.v1.sarif`), as extension does not match any of the format names. 4. When multiple formats, and `FILE` is a directory, then the project name (escaped) will be used as filename, and format name will be used as extension for each of the output files created in the given directory. For example, with `--output=a/directory --format=csv,sarif` and the project name is 'acme/fish and chips', two files will be created as `a/directory/acme_fish_and_chips.csv` and `a/directory/acme_fish_and_chips.sarif`. **Examples:** The command: ```asciidoc xygeni scan -f csv -o reports/my_project ``` will generate one `.csv` file for each scan step under the reports directory, named SCAN.my\_project.csv: `codetamper.my_project.csv, compliance.my_project.csv, …​, secrets.my_project.cvs`. The command: ```asciidoc xygeni scan -f csv -f sarif -o reports/my_project ``` will generate one `.csv` file and one `.sarif` file for each scan step under the reports directory, named my\_project.EXT: `my_project.csv` and `my_project.sarif`. The command: ```asciidoc xygeni secrets -f csv -f sarif -o reports/my_project ``` will generate one `.csv` file and one `.sarif` file under the reports directory, named my\_project.csv: `codetamper.my_project.csv, compliance.my_project.csv, …​, secrets.my_project.cvs`.