This is a quick tutorial on how to get started with Repository Health Check (RHC) 2.0 available from Nexus Repository Manager 3.3.
NOTE: If you’re running an older version of Nexus Repository Manager, you’ll see some of the new features, but you’ll need to upgrade for the full experience, including download trends.
Sign into the Nexus Repository Manager UI and go to the Repositories feature in the admin section. The Health Check column is where we'll start.
First, click the Analyze button to enable RHC on a repository. A dialog box appears, giving you an opportunity to enable RHC on all supported repositories, or just the repository you selected.
Choose “Yes, only this repository” if you want to try out RHC on just the repository you selected. Once you do this, the Analyze button is replaced with an Analyzing… status. The initial scan might take several minutes.
(Tip: hit the Refresh button periodically to see when the scan is complete.)
Once the scan completes, an empty bar chart will appear. Over time, this chart will be populated with the following data:
- The total number of asset downloads over the last 30 days
- The total number of bad asset downloads over the last 30 days (i.e. assets belonging to components with vulnerabilities)
- Bar chart showing a rolling 30 day trend for both of the above
Hover your mouse over the chart to see the RHC summary for this repository. Initially, the summary will look something like this:
As assets are downloaded, the summary will gradually fill out with data. After a year, the summary will look something like this:
There’s a lot here, but here are a few of the highlights:
- Rolling 14 month trend of asset downloads, including month-over-month and year-over-year comparisons.
- Top 5 most vulnerable components downloaded from this repository in the last 30 days
- Link to the detailed RHC report (Pro users only)
If you’re running Pro, click the View Detailed Report button to access the same detailed RHC report that existed in the previous version of RHC.