To trigger a scan, use the CLI. The `lacework vulnerability container scan` command is versatile:

```
Usage:
  lacework vulnerability container scan <registry> <repository> <tag|digest> [flags]

Flags:
      --details                   increase details of a vulnerability assessment
      --fail_on_fixable           fail if the assessed container has fixable vulnerabilities
      --fail_on_severity string   specify a severity threshold to fail if vulnerabilities are found (critical, high, medium, low, info)
      --fixable                   only show fixable vulnerabilities
  -h, --help                      help for scan
      --html                      generate a vulnerability assessment in HTML format
      --packages                  show a list of packages with CVE count
      --poll                      poll until the vulnerability scan completes
      --severity string           filter vulnerability assessment by severity threshold (critical, high, medium, low, info)
```

Example commands:

Scan the latest version of the FortiCNAPP Lacework data collector on the latest tag in Docker Hub:

```
lacework vulnerability container scan index.docker.io lacework/datacollector latest
```

Scan the latest version of the FortiCNAPP Lacework data collector on the latest tag in Docker Hub, but only show fixable CVEs:

```
lacework vulnerability container scan index.docker.io lacework/datacollector latest --fixable --poll
```

Scan the latest version of the FortiCNAPP Lacework data collector on the latest tag in Docker Hub, showing how many CVEs each package has:

```
lacework vulnerability container scan index.docker.io lacework/datacollector latest --packages --poll
```

Note:

- Use the `--poll` option so that the scan results are returned in the current CLI session; without `--poll`, the scan results are saved to the platform itself.
- To scan a registry, it must already be integrated into the FortiCNAPP Lacework platform; in this example, an integration for Docker Hub has been added to the platform. The integration's 'Registry Domain' is the value used for the `<registry>` argument in the CLI.
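The flags above can be combined into a build gate. The following is an added example, not part of the original page or the vendor's tooling: a fail-closed wrapper that validates the severity threshold against the values in the usage text and always passes `--poll`. The names `gate_scan`, `valid_severity`, `LW_BIN` and `LW_FAIL_ON_FIXABLE` are hypothetical, and it assumes that "fail" in the flag help means a non-zero exit status.

```sh
#!/bin/sh
# Added example: fail-closed CI gate around the scan command described above.
# gate_scan, valid_severity, LW_BIN and LW_FAIL_ON_FIXABLE are hypothetical names.

LW_BIN="${LW_BIN:-lacework}"   # assumption: CLI installed and already configured

# Thresholds accepted by --fail_on_severity, per the usage text.
valid_severity() {
  case "$1" in
    critical|high|medium|low|info) return 0 ;;
    *) return 1 ;;
  esac
}

# gate_scan <registry> <repository> <tag|digest> [severity]
# Returns 0 = pass, 1 = scan command exited non-zero, 2 = bad arguments.
gate_scan() {
  if [ "$#" -lt 3 ]; then
    echo "usage: gate_scan <registry> <repository> <tag|digest> [severity]" >&2
    return 2
  fi
  gs_sev="${4:-high}"
  if ! valid_severity "$gs_sev"; then
    echo "invalid severity threshold: $gs_sev" >&2
    return 2
  fi
  # --poll makes the CLI wait for the assessment in this session.
  set -- vulnerability container scan "$1" "$2" "$3" \
         --poll --fail_on_severity "$gs_sev"
  if [ "${LW_FAIL_ON_FIXABLE:-0}" = "1" ]; then
    set -- "$@" --fail_on_fixable
  fi
  # Assumption: "fail" in the flag help means a non-zero exit status.
  # Any non-zero exit (threshold hit or CLI error) blocks the build.
  if "$LW_BIN" "$@"; then
    echo "PASS: scan exited zero at threshold '$gs_sev'"
    return 0
  fi
  echo "FAIL: scan exited non-zero (threshold '$gs_sev')" >&2
  return 1
}

# Run only when called with arguments, e.g.:
#   ./gate.sh index.docker.io lacework/datacollector latest high
if [ "$#" -ge 3 ]; then
  gate_scan "$@"
fi
```

Because a CLI error (for example a missing registry integration) also exits non-zero, the gate blocks the build rather than passing an unscanned image.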