Generating Compliance Service Reports

Red Hat Insights 2021

Communicate the compliance status of your RHEL infrastructure to security stakeholders

Red Hat Customer Content Services

Abstract

Generate a variety of reports to communicate to enterprise security auditors the security-policy compliance status of your RHEL environment.

Making open source more inclusive

Red Hat is committed to replacing problematic language in our code, documentation, and web properties. We are beginning with these four terms: master, slave, blacklist, and whitelist. Because of the enormity of this endeavor, these changes will be implemented gradually over several upcoming releases. For more details, see our CTO Chris Wright’s message.

Providing feedback on Red Hat Hybrid Cloud Console documentation

We appreciate your input on our documentation. Please let us know how we could make it better. To do so, create a Bugzilla ticket:

  1. Go to the Bugzilla website.
  2. As the Component, use Documentation.
  3. Fill in the Description field with your suggestion for improvement. Include a link to the relevant part(s) of documentation.
  4. Click Submit Bug.

Chapter 1. Overview of Insights for RHEL compliance service reports

The compliance service enables users to export granular data based on filters in place at the time of export. Exporting a compliance report requires the following actions:

  • Uploading current OpenSCAP results
  • Filtering your view in the compliance service
  • Exporting to CSV or JSON file and saving your download

Chapter 2. Uploading current OpenSCAP data for your system

The compliance service presents data from OpenSCAP scans. Whether you are using the compliance service to view system compliance status, remediate issues, or report on results, ensure that you are seeing current data by uploading the latest system data from OpenSCAP before continuing with other procedures.

Procedure

  1. Run the following command to upload current data from OpenSCAP:

    [root@server ~]# insights-client --compliance

Chapter 3. Exporting a compliance report for selected systems

Perform the following steps to export a compliance report showing CVEs impacting your systems, based on filtering in place at the time of export.

3.1. Exporting a report for a single policy

Perform the following steps to export a compliance report for a single policy.

Procedure

  1. Navigate to the Red Hat Enterprise Linux > Compliance > Reports tab and log in if necessary.
  2. Click on the policy to view the report.
  3. Apply filters as needed to refine results.
  4. Click View policy for more detailed information such as compliance threshold and business objective.
  5. At the top of the systems list, click the download icon to the right of the Remediate button and select Export to CSV or Export to JSON, based on your export preferences.
  6. Choose to open or save the file. Then click OK.

3.2. Exporting a report for selected systems

Perform the following steps to export a compliance report for selected systems.

Procedure

  1. Navigate to Red Hat Enterprise Linux > Compliance > Systems and log in if necessary.
  2. Apply filters as needed to refine results.
  3. Select the systems you want to see in the report by checking the box next to each system name.
  4. At the top of the systems list, click the download icon and select Export to CSV or Export to JSON, based on your export preferences.
  5. Choose to open or save the file. Then click OK.

Chapter 4. Reference materials

To learn more about the compliance service, see the following resources:

Legal Notice

Copyright © 2021 Red Hat, Inc.
The text of and illustrations in this document are licensed by Red Hat under a Creative Commons Attribution–Share Alike 3.0 Unported license ("CC-BY-SA"). An explanation of CC-BY-SA is available at http://creativecommons.org/licenses/by-sa/3.0/. In accordance with CC-BY-SA, if you distribute this document or an adaptation of it, you must provide the URL for the original version.
Red Hat, as the licensor of this document, waives the right to enforce, and agrees not to assert, Section 4d of CC-BY-SA to the fullest extent permitted by applicable law.
Red Hat, Red Hat Enterprise Linux, the Shadowman logo, the Red Hat logo, JBoss, OpenShift, Fedora, the Infinity logo, and RHCE are trademarks of Red Hat, Inc., registered in the United States and other countries.
Linux® is the registered trademark of Linus Torvalds in the United States and other countries.
Java® is a registered trademark of Oracle and/or its affiliates.
XFS® is a trademark of Silicon Graphics International Corp. or its subsidiaries in the United States and/or other countries.
MySQL® is a registered trademark of MySQL AB in the United States, the European Union and other countries.
Node.js® is an official trademark of Joyent. Red Hat is not formally related to or endorsed by the official Joyent Node.js open source or commercial project.
The OpenStack® Word Mark and OpenStack logo are either registered trademarks/service marks or trademarks/service marks of the OpenStack Foundation, in the United States and other countries and are used with the OpenStack Foundation's permission. We are not affiliated with, endorsed or sponsored by the OpenStack Foundation, or the OpenStack community.
All other trademarks are the property of their respective owners.