From 6d4b3f654e53e3a06cc53a60290c0ea77965ca09 Mon Sep 17 00:00:00 2001
From: Paul Osinski
Date: Thu, 28 Sep 2023 19:33:26 -0400
Subject: [PATCH] add parser formatting to bandit.md
---
 .../en/integrations/parsers/file/bandit.md | 65 ++++++++++++++++++-
 1 file changed, 64 insertions(+), 1 deletion(-)
diff --git a/docs/content/en/integrations/parsers/file/bandit.md b/docs/content/en/integrations/parsers/file/bandit.md
index a1773574546..f9b1c76b7ea 100644
--- a/docs/content/en/integrations/parsers/file/bandit.md
+++ b/docs/content/en/integrations/parsers/file/bandit.md
@@ -2,4 +2,67 @@
 title: "Bandit"
 toc_hide: true
 ---
-JSON report format
+
+### File Types
+DefectDojo parser accepts a .json file.
+
+To export a .json file from Bandit, you will need to install and run the .json report formatter to your Bandit instance.
+See Bandit documentation: https://bandit.readthedocs.io/en/latest/formatters/index.html
+
+
+### Acceptable JSON Format
+All properties are expected as strings, except "metrics" properties, which are expected as numbers. All properties are required by the parser.
+
+~~~
+{
+ "errors": [],
+ "generated_at": "example-timestamp",
+ "metrics": {
+ "_totals": {
+ "CONFIDENCE.HIGH": 1.0,
+ "CONFIDENCE.LOW": 0.0,
+ "CONFIDENCE.MEDIUM": 0.0,
+ "CONFIDENCE.UNDEFINED": 0.0,
+ "SEVERITY.HIGH": 0.0,
+ "SEVERITY.LOW": 1.0,
+ "SEVERITY.MEDIUM": 0.0,
+ "SEVERITY.UNDEFINED": 0.0,
+ "loc": 2,
+ "nosec": 0
+ },
+ "one/one.py": {
+ "CONFIDENCE.HIGH": 1.0,
+ "CONFIDENCE.LOW": 0.0,
+ "CONFIDENCE.MEDIUM": 0.0,
+ "CONFIDENCE.UNDEFINED": 0.0,
+ "SEVERITY.HIGH": 0.0,
+ "SEVERITY.LOW": 1.0,
+ "SEVERITY.MEDIUM": 0.0,
+ "SEVERITY.UNDEFINED": 0.0,
+ "loc": 2,
+ "nosec": 0
+ }
+ ...
+ },
+ "results": [
+ {
+ "code": "1 import os\n2 assert False\n",
+ "filename": "example.filename",
+ "issue_confidence": "example_confidence",
+ "issue_severity": "example_severity",
+ "issue_text": "Example issue description.",
+ "line_number": 2,
+ "line_range": [
+ 2
+ ],
+ "more_info": "https://bandit.readthedocs.io/en/latest/plugins/b101_assert_used.html",
+ "test_id": "B101",
+ "test_name": "assert_used"
+ }
+ ...
+ ]
+}
+~~~
+
+### Sample Scan Data
+Sample Bandit scans can be found at https://github.com/DefectDojo/sample-scan-files/tree/master/bandit.
\ No newline at end of file