Sonarqube 6.x and 7.x history report via web API

We migrated from Sonarqube 6.7.2 to 7.9.3. I need to retrieve the historical data from earlier 6.7.2 scans (as well as possibly development 7.9.3 scans) - at least some semblance of what UI provides so that (after we decomission 6.7.2 ) ideally an auditor or someone doing a security assessment can get an idea about when a certain vulnerability was first found, when it was fixed, etc by looking at our saved history data in Excel or a DB. For example ProjName, ClassName, Line, Violation, Date - something like that.
Per earlier suggestions I looked at api/measures/search_history, issue history, and few other APIs but I can’t figure out how to really get all that info I need. Are there samples, canned reports, list of fields for “metrics” parameter, any idea on how to join IDs to actual names, any other materials or helpful suggestions? Thank you!


First, to be clear, you didn’t lose any data in the migration from 6.7.2 to 7.9.3. All the data that was there before migration is still there afterward. (I say that because I have the sense from your message that you’re worried about making a record before you lose something).

For that, you can look at the issue creation date, although sometimes issues are backdated.

That’s going to be a little more problematic because Closed issues are cleaned out of the database when they’ve been closed for 30 days. Further, we don’t keep track of when issues are closed, so tying the fix to a particular analysis is going to be tricky at best, and really not practical.


Hi Ann,
Thank you for your answers. See I did it in parallel (i actually described the strategy in my earlier post, but its super simple) - I restored 6x to another new server (db and app servers both restored on corresponding pair of new servers), then upgraded the new ones to 7x. At that point 7x had the same data. But, as time went by, and adoption was slow, still is, old projects were using 6x for several weeks now, and accumulated data not in 7x, while 7x was used by pilots and new projects, which also accumulated data in 7x that is not in 6x. We understood the risk of this gap happening and my manager offered that as long as we can extract the data somehow, we should be fine. Now SQL based extract is not recommended or supported (that would have been my first option, I used this approach on a couple of other projects upgrading other software - just a report that had flattened data for us to play with if need arises), and now as I’m staring at various API responses I am really in over my head as to how to join them into something simple we could use. I understand that the underlying datamodel is tremendously complex and reflexts power and flexibility and extensibility of Sonarqube which I genuinely recognize and respect, but my goal is so humble in comparison - I just need to know that com.mycompany.MyClass had issues A, B, C found on MM/dd/yy - and the A,B,C to be human readable (long description or short or even commonly recognized code I could Google ). Do you have any thoughts on how I could do that - for my overlap period? Also a note that since we do not use SQ properly yet, we are unlikely to be closing issues, overriding priorities, manually ignoring anything and such - data is as pristine as it can be. Thanks again for your help!


Here’s my understanding of your situation:

You now have 2 production SonarQube servers, one on 6.7 and one on 7.x (I really hope that ‘x’ is 9.) and you want to combine them. The only functionality for this is part of Enterprise Edition($$). It’s called Project Move. To use it, you’ll need to upgrade your 6.7 server to the same version as the 7.x server. Then you’ll be able to export projects from one server and import them into the other. After that, I suggest you

  • immediately shut down the old server
  • immediately upgrade the now sole production server to 7.9.4 and then on to 8.4.1, the current version

This is probably not the path you were looking for, but it’s the only one I see unless you want to just scrap the 6.7 server and analyze the projects on it from scratch on the new server.


Hi Ann,
We have 6.7.2 (old) and 7.9.3 (new LTS) version.
We have community edition, cost of enterprise edition is too high for us for what we do with the tool for now.
We want to decommission 6.7.2 and stay with 7.9.3 because it is LTS.
Now, my goal is to create a report I mentioned - in pseudo code:
select projectName, className, violationDescription, scanDate
from SQDB
where scanDate>= :parallelStart
How can I do it please - in 6.7.2 and/or in 7.9.3?

Thank you very much!

Hi Dan,

Take a look at the issues web services. You’ll find a link to on-board web service documentation in the footer. I don’t quite understand this:

You’ll get the creation date, but keep in mind that sometimes issues are backdated (as referenced above), so maybe creation != analysis date.


1 Like

Thanks Ann for all your help as always. I saw that issues search is a much better fit for what we are trying to do than history search, and with additionalFields set to “_all” it gives as much info as possible. Thanks again!

1 Like

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.