Gate: retrieved_files

Introduction

The “retrieved_files” gate allows users to check against the content and/or presence of files retrieved at the time of analysis for an image SBOM. The intent of this gate is to allow users to utilize the retrieve_files cataloger in order to create policy rules from a configured file list. However, the usage of this gate depends on running the retrieve_files cataloger which will require more resources and time to perform analysis on the image SBOM. For more information about cataloger scans, please click here.

The “retrieved_files” gate differs from the “files” gate. The “retrieved_files” gate utilizes Anchore Enterprise’s cataloger capability and checks against files that are provided and stored by the user, while the “files” gate checks against the files present in the analyzed image SBOM (ie file content, file names, filesystem attributes)

Example Use-case

Scenario 1

Goal: Create a rule that results in a STOP action if the regex “SSIEnabled” is not found in the content of the file in the path /etc/httpd.conf.

Example rule set configuration in Anchore Enterprise

Gate: retrieved files
Trigger: content regex
Required Parameters: path = “/etc/httpd.conf”, check = “no match”, regex = “SSIEnabled”
Action: STOP

retrievedfiles

Reference: retrieved_files

Trigger Name	Description	Parameter	Description	Example
content_not_available	Triggers if the specified file is not present/stored in the evaluated image.	path	The path of the file to verify has been retrieved during analysis	/etc/httpd.conf
content_regex	Evaluation of regex on retrieved file content	path	The path of the file to verify has been retrieved during analysis	/etc/httpd.conf
content_regex	Evaluation of regex on retrieved file content	check	The type of check to perform with the regex	match
content_regex	Evaluation of regex on retrieved file content	regex	The regex to evaluate against the content of the file	.SSlEnabled.

Last modified April 29, 2026