×
 
 
  •  
$helper.renderConfluenceMacro('{bmc-global-announcement:$space.key}')
BMC Helix Cloud Security Administering

Viewing Remediation History

This topic was edited by a BMC Contributor and has not been approved.  More information.

BMC Helix Cloud Security enables you to perform remediation actions to rectify the violations identified by leveraging the out-of-the-box CIS policies. This ensures that confidential company information is not accidentally exposed to the public. BMC Helix Cloud Security offers the following types of remediation actions:

  • Auto Remediation: Triggers remediation action automatically if violations are detected.
  • On-Demand Remediation: Triggers remediation action according to user discretion if violations are detected.

It is also possible to disable previously enabled remediation.

This page covers the following topics:


Scenario

A company uses Amazon Simple Storage Service (S3) buckets to store and retrieve data. Depending on the bucket, and the data objects stored in it, providing access to any information about the buckets to all users might pose a security risk. The company wants to be able to remediate violations to ensure that all of the data associated with the buckets is properly secured.

The Cloud Security connectors identify violations, which can be found on the violations page. This page which will give you a clear idea of the severity of the violations, thus enabling you to prioritize.

Navigating to the Remediation History page

The Remediation History page displays the resources that are remediated by BMC Helix Cloud SecurityTo open the Remediation History page, perform one of the following actions:

  • From the Dashboard, click Remediation on the top navigational bar. 
  • From the Remediation Triggered widget on the Dashboard, click a section of the widget or the numeric/percentage area below the widget to display the Remediation History page with all filters set to the default states.

Page Details 

For any resource under consideration, the report shows the following details:

  • Resource Name: Displays the name of the resource.

    The Resource Name column now shows only resource name, although resources evaluated initially show resource name as well as connector name.

  • Remediation Action: Shows in brief the action performed as remediation.
  • Rule Name: Displays the name of the rule that was remediated as well as associated policy.
  • Remediation Trigger: Shows the type of remediation enabled for the resource. (AUTO or On-Demand).
  • User: Displays the name of the tenant.
  • Date: Displays the date and time of remediation trigger.
  • Status: Shows whether the remediation action was successful (green icon), failed (red icon) or is in progress (grey icon).

You can export all data present on the Remediation History page by clicking Export and choosing between the following formats:

  • Export to CSV: Exports the remediation data to a zip file containing a CSV file with policy details. CSV files can be created for the second level Remediations data.
    The naming convention of the downloaded file is: Date_Month_Year; for example, 25_August_2018
  1. The data under Remediation Trigger column in the BMC Helix Cloud Security UI can be found under the Configuration column of the excel sheet when exported in CSV format.
  2. When exporting data from Remediation History page in CSV format, the configuration column may not display that data in accordance with the selected filter (for older data, as the configuration column was not recorded earlier). This will not be an issue for freshly evaluated data.
  •    PDF: Exports the remediation data to PDF. This functionality is available to both Admin and View Only users.

           

Back to top

Customizing data on the Remediation page

You can use appropriate filters to get an optimum data set in the list of remediated resources. The filter bar present in the Remediation History page enables data sorting under the following types:

  • Connector: (Set to All Connectors by default) Lets you sort data by connector type. 
  • Resource Pools: (Set to All Resource Pools by default) Lets you sort data by Resource Pools
  • Account: (Set to All Account by default)  Lets you sort data by Account. 
  • Status: (Set to All Status by default) Lets you sort data based on remediation status.
    • Completed: Resources for which remediation is complete.
    • Failed: Resources for which remediation action failed.
    • Submitted: Resources for which remediation request has been submitted.
    • In Progress: Resources for which remediation action is in progress.
  • Date: (Set to Till Date by default) Lets you sort data according to the time period desired. The time frame can be chosen from:
    • Las 24 hours
    • Last 7 days
    • Last 14 days
    • Last 30 days
    • Till date
  • Tags: (Set to all tags by default) Lets you sort data by tag type.
  • Configuration: (Set to All Configuration by default) Lets you sort data according to the type of remediation triggered.
    • Auto: Displays resources for which auto-remediation has been enabled.
    • On-Demand: Displays resources for which user has specified On-Demand remediation.
  • Resource Type: (Set to All Resources by default) Lets you sort data according to type of resource required.

Back to top

Triggering Remediation Action

It is possible to trigger remediation in a number of ways in BMC Helix Cloud Security:

Back to top


Was this page helpful? Yes No Submitting... Thank you
Last modified by Geeta Gokhale on Feb 21, 2020
contributor_unapproved

Comments

Log in or register to comment.

Managing notifications
Managing Organizations
© Copyright 2017-2023 BMC Software, Inc.
Legal notices

Powered by Atlassian Confluence and Scroll Viewport

© Copyright 2005-2023 BMC Software, Inc. Use of this site signifies your acceptance of BMC’s Terms of Use . BMC, the BMC logo, and other BMC marks are assets of BMC Software, Inc. These trademarks are registered and may be registered in the U.S. and in other countries.