Chapter 2. Assessment by rule severity

Each rule is given a severity rating that defines a level of the total risk that a rule poses to your infrastructure. Total risk is a combination of the likelihood that a rule will impact systems in your infrastructure, and the level of expected impact to the system if the identified risk occurs.

2.1. Assessing infrastructure exposure by rule severity

Use Red Hat Insights to view the most severe risks to your infrastructure and plan resolutions accordingly.

Procedure

  1. From the Insights Overview, under Rule hits by severity, click on rules hits for a particular severity rating.
  2. Modify your Rule-table view.

    1. Search by the rule name.
    2. Add filters or use the sorting function at the top of each column to show or group rules of particular interest.
    3. By default, the checkbox is selected to Show Rules With Hits. Unclick the box to see all the rules that Insights checks your systems against, including those that have no impact on your systems.
    4. Sort the columns of the Rule table to see, for example, which rules are impacting the greatest number of systems.
    5. Hide rules from view by disabling them.

      1. Click the Actions menu (three vertical dots).
      2. Click Disable Rule.
  3. Select a rule from the list.

    1. Click on the arrow next to the rule name to view the rule description, access knowledgebase documentation, if available, and view risk of change, an indicator of the likelihood that remediation of the rule on the system will result in system downtime.
    2. Click on the rule name to view the Affected Systems list.
  4. Click on a system name to see system details and a list of rules affecting that system.