# General usage

Granted [Docker is installed](https://docs.docker.com/install/linux/docker-ce/ubuntu/#install-using-the-convenience-script) on your machine, download Meterian convenience script [docker-scan.sh](https://raw.githubusercontent.com/MeterianHQ/docker-scanner-engine/master/docker-scan.sh).&#x20;

Render the script executable and simply invoke a one-time analysis of any given Docker image by executing `docker-scan.sh` (the target image must be already pulled on you machine)

```
$ ./docker-scan.sh redis:latest
```

Following this invocation the analysis kicks off and a link to the final results is displayed right at the end. Here is a sample:

<pre><code>Meterian Docker Scanner v1.1.3, build e9ca5c9-260
© 2017-2022 Meterian Ltd - All rights reserved

Account: "Meterian Team Account"
- Minimum scores:  
  - security:  90
  - stability: 90
  - licensing: 90

Project information:
- url:    docker:redis
- branch: latest
- commit: 495732ba570db6a3626370a1fb949e98273a13d41eb3e26f7ecb1f6e31ad4041

Scanning image: redis:latest

Preparing 3 scanners to the task...
Scanning - completed 1 out of 3 scans...
Scanning - completed 2 out of 3 scans...
Scanning - completed 3 out of 3 scans...
Merging results from 3 scanners...
Image scan was successful!

Analysing packages on Meterian...
Analysing vulnerabilities on Meterian...
Analysis completed!

Final results: 
- security:	0	(minimum: 95)
- stability:	97	(minimum: 95)
- licensing:	100	(minimum: 95)

Full report available at: 
<strong>https://www.meterian.com/projects/?pid=77621462-b218-4295-b15c-830467f554ef&#x26;branch=latest
</strong>
Build unsuccessful!
Failed checks: [security]

</code></pre>

Analyses need to be authenticated hence you will need to provide [a valid token](https://www.meterian.com/account/#tokens) through the environment variable `METERIAN_API_TOKEN` to execute one.

The script essentially runs the official container scanner Docker image [`meterian/cs-engine:latest`](https://hub.docker.com/r/meterian/cs-engine) taking care of essential volume maps and environment variables presets for you.

{% hint style="info" %}
Through Docker, the script will ensure to pull the latest version of container scanner image for you if it is not already pulled on your system. Subsequent invocations of the script will not ensure this. Newer versions of the image should be pulled with the docker pull command

```shell
$ docker pull meterian/cs-engine:latest
```

{% endhint %}

### Operational flags and overrides

The Meterian `docker-scan` script allows to provide different levels of verbosity of the output prompts seen above. Invoke the script with the flag

* `--info` for additional information logs to be displayed&#x20;
* `--debug` for complete debug logs to be displayed

Operational overrides are available through the environment variables

| Name                            | Description                                                                                                                    |
| ------------------------------- | ------------------------------------------------------------------------------------------------------------------------------ |
| **DSE\_SCAN\_TIMEOUT\_MINUTES** | Set this variable to override the time limit for single image scans. The default time limit is 10 minutes                      |
| **METERIAN\_ENV**               | For on-premises instances of Meterian set this variable to target the right subdomain of the site where your instance runs     |
| **METERIAN\_PROTO**             | For on-premises instances of Meterian set this variable to target the right HTTP protocol of the site where your instance runs |
| **METERIAN\_DOMAIN**            | For on-premises instances of Meterian set this variable to target the right domain of the site where your instance runs        |