9.3. Compliance Reports Overview

A Compliance report is the output of a policy run against a host. From the Compliance Reports page you can view individual reports or filter the list of available reports. All reports are listed in descending date order. For each report the total number of rules passed or failed per policy are listed. Click on each column's label to sort the list by that column, in either descending or ascending order.
All Compliance reports are available in the Satellite web UI via HostsReports.
To delete a compliance report, select Delete from the drop-down list beside View Report.
Compliance Reports Overview

Figure 9.4. Compliance Reports Overview

9.3.1. Searching Compliance Reports

To narrow the list of compliance reports, enter search criteria in the Search field and either press Enter or click Search. The search performed is case-insensitive. Click on the empty Search field to see a list of available search parameters.
See Table 17.2, “Supported Operators for Granular Search” for details of all available search operators. You can create complex queries with the logical operators: and, not and has.

Logical Operators

  • not: Negates an expression.
  • has: Object must have a specified property.
  • and: Combines search criteria.
The following search criteria finds all compliance reports for which more than five rules failed.
failed > 5
Regular expressions are not valid search criteria, however multiple fields can be searched. For example, the following query searches for OpenSCAP reports generated by the compliance_policy rhel7_audit from an hour ago.
"1 hour ago" && compliance_policy = date = "1 hour ago" && compliance_policy = rhel7_audit
To again list all available compliance reports, delete the Search criteria and press Enter or click Search.
Bookmarking Your Searches

You can bookmark a search, allowing you to easily apply the same search criteria. To create a bookmark:

Procedure 9.3.  To Bookmark a Search

  1. Apply your search criteria.
  2. From the Search list select Bookmark this search.
  3. Complete the Name field.
    If you want the bookmark available to other users of this Satellite instance, select the Public check box.
  4. Click Submit.
To use a bookmark, navigate to HostsReports, click the drop-down item beside the Search button and click the bookmark.

9.3.2. Viewing a Compliance Report

Navigate to HostsReports and click View Report in the row of the specific host.
A compliance report consists of the following sections:
  • Introduction
  • Evaluation Characteristics
  • Compliance and Scoring
  • Rule Overview

9.3.2.1. Evaluation Characteristics

This section provides details about an evaluation against a specific profile, including the host that was evaluated, the profile used in the evaluation, and when the evaluation started and finished. For reference, the IPv4, IPv6 and MAC addresses of the host are also listed.

Evaluation Characteristics

Target machine
The fully-qualified domain name (FQDN) of the evaluated host. Example: test-system.example.com.
Benchmark URL
The URL of the SCAP content against which the host was evaluated. Example: /var/lib/openscap/content/1fbdc87d24db51ca184419a2b6f.
Benchmark ID
The identifier of the benchmark against which the host was evaluated. A benchmark is a set of profiles. Example: xccdf_org.ssgproject.content_benchmark_RHEL_7.
Profile ID
The identifier of the profile against which the host was evaluated. Example: xccdf_org.ssgproject_content_profile_rht-ccp.
Started at
The date and time at which the evaluation started, in ISO 8601 format. Example: 2015-09-12T14:40:02.
Finished at
The date and time at which the evaluation finished, in ISO 8601 format. Example: 2015-09-12T14:40:05.
Performed by
The local account name under which the evaluation was performed on the host. Example: root.
Evaluation Characteristics

Figure 9.5. Evaluation Characteristics

9.3.2.2. Compliance and Scoring

This section provides an overview of whether or not the host is in compliance with the profile’s rules, a breakdown of compliance failures by severity, and an overall compliance score as a percentage. If compliance with a rule was not checked, this is categorized in the Rule results as Other.
Compliance and Scoring

Figure 9.6. Compliance and Scoring

9.3.2.3. Rule Overview

This section provides details of every rule and the compliance result, with the rules presented in a hierarchical layout.
Select or clear the check boxes to narrow the list of rules included in the compliance report. For example, if the focus of your review is any non-compliance, clear the pass and informational check boxes.
To search all rules, enter a criterion in the Search field. The search is dynamically applied as you type. Only a single, plain text criterion is accepted and applied as a case-insensitive search. As a result of the search, only those rules whose descriptions match the search criterion will be listed. The Search field accepts a single plain-text search term. To remove the search filter, delete the search criterion.
For an explanation of each result, hover the cursor over the status shown in the Result column.
Rule Overview

Figure 9.7. Rule Overview

9.3.2.4. Examining Rule Results

To determine why a host failed compliance on a rule, click on the rule's title. The window which then opens provides further details, including: a description of the rule (optionally instructions for bringing the host into compliance), the rationale for the rule, and optionally a remediation script.
Rule Evaluation Result

Figure 9.8. Rule Evaluation Result

Warning

Do not implement any of the recommended remedial actions or scripts without first testing them in a non-production environment.