A Compliance report is the output of a policy run against a host. From the Compliance Reports page you can view individual reports or filter the list of available reports. All reports are listed in descending date order. For each report the total number of rules passed or failed per policy are listed. Click on each column's label to sort the list by that column, in either descending or ascending order.
9.3.1. Searching Compliance Reports
To narrow the list of compliance reports, enter search criteria in the Search field and either press Enter or click . The search performed is case-insensitive. Click on the empty Search field to see a list of available search parameters.
not: Negates an expression.
has: Object must have a specified property.
and: Combines search criteria.
The following search criteria finds all compliance reports for which more than five rules failed.
failed > 5
Regular expressions are not valid search criteria, however multiple fields can be searched. For example, the following query searches for OpenSCAP reports generated by the compliance_policy
rhel7_audit from an hour ago.
"1 hour ago" && compliance_policy = date = "1 hour ago" && compliance_policy = rhel7_audit
To again list all available compliance reports, delete the Search criteria and press Enter or click .
Bookmarking Your Searches
You can bookmark a search, allowing you to easily apply the same search criteria. To create a bookmark:
Procedure 9.3. To Bookmark a Search
Apply your search criteria.
From the Search list select Bookmark this search.
Complete the Name field.
If you want the bookmark available to other users of this Satellite instance, select the Public check box.
To use a bookmark, navigate to Search button and click the bookmark.
→ , click the drop-down item beside the
9.3.2. Viewing a Compliance Report
Navigate to View Report in the row of the specific host.
→ and click
A compliance report consists of the following sections:
126.96.36.199. Evaluation Characteristics
This section provides details about an evaluation against a specific profile, including the host that was evaluated, the profile used in the evaluation, and when the evaluation started and finished. For reference, the IPv4, IPv6 and MAC addresses of the host are also listed.
The fully-qualified domain name (FQDN) of the evaluated host. Example:
The URL of the SCAP content against which the host was evaluated. Example:
The identifier of the benchmark against which the host was evaluated. A benchmark is a set of profiles. Example:
The identifier of the profile against which the host was evaluated. Example:
The date and time at which the evaluation started, in ISO 8601 format. Example:
The date and time at which the evaluation finished, in ISO 8601 format. Example:
The local account name under which the evaluation was performed on the host. Example:
Figure 9.5. Evaluation Characteristics
188.8.131.52. Compliance and Scoring
This section provides an overview of whether or not the host is in compliance with the profile’s rules, a breakdown of compliance failures by severity, and an overall compliance score as a percentage. If compliance with a rule was not checked, this is categorized in the Rule results as Other.
Figure 9.6. Compliance and Scoring
This section provides details of every rule and the compliance result, with the rules presented in a hierarchical layout.
Select or clear the check boxes to narrow the list of rules included in the compliance report. For example, if the focus of your review is any non-compliance, clear the pass and informational check boxes.
To search all rules, enter a criterion in the Search field. The search is dynamically applied as you type. Only a single, plain text criterion is accepted and applied as a case-insensitive search. As a result of the search, only those rules whose descriptions match the search criterion will be listed. The Search field accepts a single plain-text search term. To remove the search filter, delete the search criterion.
For an explanation of each result, hover the cursor over the status shown in the Result column.
Figure 9.7. Rule Overview
184.108.40.206. Examining Rule Results
To determine why a host failed compliance on a rule, click on the rule's title. The window which then opens provides further details, including: a description of the rule (optionally instructions for bringing the host into compliance), the rationale for the rule, and optionally a remediation script.
Figure 9.8. Rule Evaluation Result
Do not implement any of the recommended remedial actions or scripts without first testing them in a non-production environment.