Chapter 3. Assessment by rule category

The Insights team categorizes each rule based on the potential impact on one of the following areas of operation:

  • Availability. The availability of a service can be compromised even if the service’s host machine is up and running. Actions in the Availability category pertain to networking and/or service issues on a given machine. Review and resolve these availability issues to ensure that your vital services can be reached.
  • Stability. Hardware issues, kernel panics, and memory corruption can lead to outages and data loss. Red Hat Insights detects stability issues in your environment that need to be addressed.
  • Performance. File system, networking, and NUMA performance issues can cause unacceptable slow downs in your server environments. Whether it be hardware error or simple configuration, Red Hat Insights can find it. Reviewing, and resolving these actions will help you maintain your environment’s performance.
  • Security. Insights not only detects security issues, it also strives to let you know whether these issues leave you in a vulnerable state. SSL exploits, remote access, and local privilege escalation issues can lead to compromised data and data loss. Review and resolve these security issues to ensure your systems and data are kept safe.

3.1. Assessing infrastructure exposure by rule category

Use Red Hat Insights to view rules by category of the type of risk they pose to your infrastructure.

Procedure

  1. Go to the Red Hat Insights Overview and, under the Rule hits by category heading, click on a category name.
  2. Modify your Rule table view.

    1. Search by the rule name.
    2. Apply Filters to include rules by risk type, category, and status (enabled or disabled) in your view.
    3. By default, the checkbox is selected to Show Rules With Hits. Unclick the box to see all the rules that Insights checks your systems against, including those that have no impact on your systems.
    4. Sort the various columns of the Rule table to see, for example, which rules are impacting the greatest number of systems.
    5. Hide rules from view by disabling them.

      1. Click the actions menu (three vertical dots).
      2. Click Disable Rule.
  3. Select a rule from the list.

    1. Click on the right arrow to view the rule description, access knowledgebase documentation, if available, and view risk of change, an indicator of the likelihood that resolution of the rule on a system will result in system downtime.
    2. Click on the rule name to view the Affected Systems list.
  4. Click on a system name to see system details and a list of rules affecting that system.