# Project Monitoring

Continuous monitoring system for tracking security posture over time with automated alerts, notifications, and integration with the Snyk platform for ongoing vulnerability management.

## Capabilities

### Monitor Command

Main CLI command for setting up continuous project monitoring. **Note: Monitor functionality is only available via CLI commands, not through the programmatic API.**

```bash { .api }
# Monitor current project
snyk monitor

# Monitor with specific options
snyk monitor --org=<org-id> --project-name=<name>

# Monitor Docker container
snyk monitor --docker <image>

# Monitor with JSON output
snyk monitor --json
```

### Monitor Options

CLI options available for the monitor command:

```bash { .api }
# Core options
--org=<org-id>                    # Organization ID for monitoring
--project-name=<name>             # Custom project name for identification
--file=<path>                     # Specific manifest file to monitor
--json                            # Return results in JSON format
--all-projects                    # Monitor all detected projects
--target-reference=<ref>          # Target reference for Git projects
--remote-repo-url=<url>           # Remote repository URL

# Advanced options
--prune-repeated-subdependencies  # Prune repeated sub-dependencies (for large projects)
--print-deps                      # Print dependency information
--print-dep-paths                 # Print dependency paths
--experimental                    # Enable experimental features
--exclude-node-modules            # Exclude node_modules from monitoring
--yarn-workspaces                 # Enable Yarn workspaces monitoring
--max-depth=<number>              # Maximum dependency tree depth
--init-script=<script>            # Initialization script for projects
--policy-path=<path>              # Policy file path
```

### Monitor Result

When using `--json` output, the monitor command returns structured data:

```typescript { .api }
interface MonitorResult {
  /** Unique project identifier */
  id: string;
  /** Snyk project URL */
  uri: string;
  /** Local project path */
  path: string;
  /** Project name */
  projectName: string;
  /** Organization identifier */
  org?: string;
  /** Monitoring status */
  status: 'success' | 'error';
  /** Monitoring is enabled flag */
  isMonitored: boolean;
  /** Trial started flag */
  trialStarted: boolean;
}
```

### Monitor Meta

Metadata information included with monitor results:

```typescript { .api }
interface MonitorMeta {
  /** Monitoring method used */
  method: 'cli';
  /** Detected package manager */
  packageManager: string;
  /** Policy file path */
  'policy-path': string;
  /** Project name used */
  'project-name': string;
  /** Docker monitoring flag */
  isDocker: boolean;
  /** Dependency pruning enabled */
  prune: boolean;
  /** Remote repository URL */
  'remote-repo-url'?: string;
  /** Target reference (branch/tag) */
  targetReference?: string;
  /** Assets project name flag */
  assetsProjectName?: boolean;
}
```

**Usage Examples:**

```bash
# Basic project monitoring
snyk monitor

# Monitor with specific organization and project name
snyk monitor --org=my-org-id --project-name="My Important Project"

# Monitor all projects in monorepo
snyk monitor --all-projects --org=my-org-id

# Monitor with Git integration
snyk monitor --remote-repo-url=https://github.com/user/repo.git --target-reference=main

# Docker container monitoring
snyk monitor --docker nginx:latest --app-vulns

# Monitor with JSON output for automation
snyk monitor --json > monitor-result.json
```

### CLI Monitor Command

Command-line interface for setting up continuous monitoring.

```bash { .api }
# Basic usage
snyk monitor                                   # Monitor current directory
snyk monitor /path/to/project                  # Monitor specific path
snyk monitor --org=<org-id>                    # Monitor with organization

# Project configuration
snyk monitor --project-name="My Project"       # Custom project name
snyk monitor --target-reference=main           # Specify Git branch/tag
snyk monitor --remote-repo-url=<git-url>       # Link to Git repository

# Multi-project monitoring
snyk monitor --all-projects                    # Monitor all detected projects
snyk monitor --yarn-workspaces                 # Monitor Yarn workspaces

# Docker monitoring
snyk monitor --docker                          # Monitor Docker project
snyk monitor --app-vulns                       # Include application vulnerabilities
snyk monitor --exclude-app-vulns               # Exclude application vulnerabilities

# Output options
snyk monitor --json                            # JSON output format
snyk monitor --print-deps                      # Print dependency information

# Advanced options
snyk monitor --file=package.json               # Monitor specific manifest
snyk monitor --prune-repeated-subdependencies  # Optimize for large projects
snyk monitor --max-depth=3                     # Limit dependency depth
```

### Container Monitoring

Specialized monitoring for Docker containers and container registries.

```javascript { .api }
/**
 * Monitor Docker container images
 */
// CLI usage for container monitoring
// snyk container monitor <image>
// snyk container monitor <image> --org=<org-id>
// snyk container monitor <image> --project-name="Container Project"
```

```bash { .api }
# Container monitoring commands
snyk container monitor nginx:latest                        # Monitor container image
snyk container monitor myapp:v1.0 --org=<org-id>           # With organization
snyk container monitor alpine --project-name="Base Image"  # Custom name
snyk container monitor ubuntu --app-vulns                  # Include application scanning
```

### Monitoring Management

Functions and commands for managing existing monitored projects.

```bash { .api }
# View monitored projects (via web interface)
# Projects are accessible at https://app.snyk.io/org/<org>/projects

# Remove monitoring (must be done via web interface or API)
# No direct CLI command for removing monitors
```

### Integration Capabilities

```typescript { .api }
// Monitoring integrates with:
// - GitHub, GitLab, Bitbucket repositories
// - CI/CD pipelines (Jenkins, GitHub Actions, etc.)
// - Container registries (Docker Hub, ECR, GCR, etc.)
// - Webhook notifications
// - Slack/email alerts
// - JIRA ticket creation

interface IntegrationOptions {
  /** Enable webhook notifications */
  webhooks?: WebhookConfig[];
  /** Slack notification settings */
  slack?: SlackConfig;
  /** Email notification preferences */
  email?: EmailConfig;
  /** JIRA integration settings */
  jira?: JiraConfig;
}
```

### Monitoring Workflow

```javascript { .api }
// Typical monitoring workflow:
// 1. Run snyk monitor to create snapshot
// 2. Snyk platform regularly rescans dependencies
// 3. New vulnerabilities trigger notifications
// 4. Developers receive alerts via configured channels
// 5. Fix vulnerabilities and monitor tracks improvements

const monitoringWorkflow = {
  setup: 'snyk monitor --org=my-org',
  schedule: 'Automatic daily scans',
  alerts: 'Email/Slack/webhook notifications',
  remediation: 'snyk fix or manual updates',
  tracking: 'Historical vulnerability trends'
};
```

## Error Handling

```javascript { .api }
// Common monitoring errors
// Illustrative only: monitor is CLI-only (see Monitor Command), so `snyk.monitor`
// here stands in for a hypothetical wrapper around the CLI, not a documented API.
try {
  const result = await snyk.monitor('./project');
} catch (error) {
  if (error.code === 'NO_SUPPORTED_MANIFESTS') {
    console.log('No supported package files found for monitoring');
  } else if (error.code === 'MISSING_ORG') {
    console.log('Organization required for monitoring');
  } else if (error.code === 'AUTH_ERROR') {
    console.log('Authentication failed - run snyk auth');
  } else if (error.code === 'MONITOR_FAILED') {
    console.log('Failed to set up monitoring:', error.message);
  } else {
    console.error('Monitor error:', error.message);
  }
}
```

## Types

### Supporting Types

```typescript { .api }
interface WebhookConfig {
  /** Webhook URL */
  url: string;
  /** Events to trigger webhook */
  events: ('new-vulnerability' | 'remediation-available')[];
  /** Authentication headers */
  headers?: Record<string, string>;
}

interface SlackConfig {
  /** Slack webhook URL */
  webhookUrl: string;
  /** Slack channel */
  channel: string;
  /** Notification frequency */
  frequency: 'immediate' | 'daily' | 'weekly';
}

interface EmailConfig {
  /** Email addresses for notifications */
  recipients: string[];
  /** Notification frequency */
  frequency: 'immediate' | 'daily' | 'weekly';
  /** Include vulnerability details */
  includeDetails: boolean;
}

interface JiraConfig {
  /** JIRA server URL */
  serverUrl: string;
  /** Project key */
  projectKey: string;
  /** Issue type */
  issueType: string;
  /** Authentication credentials */
  credentials: JiraCredentials;
}

interface JiraCredentials {
  /** Username */
  username: string;
  /** API token or password */
  token: string;
}

interface ProjectTag {
  /** Tag key */
  key: string;
  /** Tag value */
  value: string;
}

interface ProjectAttributes {
  /** Project criticality level */
  criticality?: 'critical' | 'high' | 'medium' | 'low';
  /** Project environment */
  environment?: ('frontend' | 'backend' | 'internal' | 'external' | 'mobile' | 'saas' | 'onprem')[];
  /** Project lifecycle stage */
  lifecycle?: ('production' | 'development' | 'sandbox')[];
}
```