Chapter 4. Analyzing and triaging your compliance reports

The compliance service displays data for each policy and system registered (and reporting data) to the service. This can be a lot of data, most of which might not be relevant to your immediate goals.

The following sections discuss ways to refine the bulk of compliance service data—​in Reports, SCAP policies, and Systems—​to focus on the systems or policies that matter the most to you.

The compliance service enables users to set filters on lists of systems, rules, and policies. Like other Insights for Red Hat Enterprise Linux services, the compliance service also enables filtering by system-group tags. However, because compliance-registered systems use a different reporting mechanism, the tag filters must be set directly in lists of systems in the compliance UI views, rather than from the global, Filter by status dropdown used elsewhere in the Insights application.

Important

To see accurate data for your systems, always run insights-client --compliance on each system prior to viewing the results in the UI.

4.1. Compliance reports

From Security > Compliance > Reports, use the following primary and secondary filters to focus on a specific or narrow set of reports:

  • Policy name. Search for a policy by name.
  • Policy type. Select from the policy types configured for your infrastructure in the compliance service.
  • Operating system. Select one or more RHEL OS major versions.
  • Systems meeting compliance. Show policies for which a percentage (range) of included systems are compliant.

4.2. SCAP policies

From Security > Compliance > SCAP policies, use the Filter by name search box to locate a specific policy by name. Then click on the policy name to see the policy card, which includes the following information:

  • Details. View details such as compliance threshold, business objective, OS, and SSG version.
  • Rules. View and filter the rules included in the specific SSG version of the policy by Name, Severity and Remediation available. Then sort the results by Rule name, Severity or Ansible Playbook support.
  • Systems. Search by system name to locate a specific system associated with the policy then click the system name to see more information about that system and issues that may affect it.

4.3. Systems

The default functionality on Security > Compliance > Systems is to search by system name.

  • Tags. Search by system group or tag name.
  • Name. Search by system name.
  • Policy. Search by policy name and see the systems included in that policy.
  • Operating system. Search by RHEL OS major versions to see only RHEL 7 or RHEL 8 systems.

4.4. Searching

The search function in the compliance service works in the context of the page you are viewing.

  • SCAP Policies. Search for a specific policy by name.
  • Systems. Search by system name, policy, or Red Hat Enterprise Linux operating system major version.
  • Rules list (single system). The rules list search function allows you to search by the rule name or identifier. Identifiers are shown directly below the rule name.