Viewing Remediation History
BMC Helix Cloud Security enables you to perform remediation actions to rectify the violations identified by leveraging the out-of-the-box CIS policies. This ensures that confidential company information is not accidentally exposed to the public. BMC Helix Cloud Security offers the following types of remediation actions:
- Auto Remediation: Triggers remediation action automatically if violations are detected.
- On-Demand Remediation: Triggers remediation action according to user discretion if violations are detected.
It is also possible to disable previously enabled remediation.
This page covers the following topics:
Navigating to the Remediation History page
The Remediation History page displays the resources that are remediated by BMC Helix Cloud Security. To open the Remediation History page, perform one of the following actions:
- From the Dashboard, click Remediation on the top navigational bar.
- From the Remediation Triggered widget on the Dashboard, click a section of the or the numeric/percentage area below the to display the Remediation History page with all filters set to the default states.
For any resource under consideration, the report shows the following details:
Resource Name: Displays the name of the resource.
The Resource Name column now shows only resource name, although resources evaluated initially show resource name as well as connector name.
- Remediation Action: Shows in brief the action performed as remediation.
- Rule Name: Displays the name of the rule that was remediated as well as associated policy.
- Remediation Trigger: Shows the type of remediation enabled for the resource. (AUTO or On-Demand).
- User: Displays the name of the tenant.
- Date: Displays the date and time of remediation trigger.
- Status: Shows whether the remediation action was successful (green icon), failed (red icon) or is in progress (grey icon).
You can export all data present on the Remediation History page by clicking Export and choosing between the following formats:
- Export to CSV: Exports the remediation data to a zip file containing a CSV file with policy details. CSV files can be created for the second level Remediations data.
The naming convention of the downloaded file is: Date_Month_Year; for example, 25_August_2018
- The data under Remediation Trigger column in the BMC Helix Cloud Security UI can be found under the Configuration column of the excel sheet when exported in CSV format.
- When exporting data from Remediation History page in CSV format, the configuration column may not display that data in accordance with the selected filter (for older data, as the configuration column was not recorded earlier). This will not be an issue for freshly evaluated data.
- PDF: Exports the remediation data to PDF. This functionality is available to both Admin and View Only users.
Customizing data on the Remediation page
You can use appropriate filters to get an optimum data set in the list of remediated resources. The filter bar present in the Remediation History page enables data sorting under the following types:
- Connector: (Set to All Connectors by default) Lets you sort data by connector type.
- Resource Pools: (Set to All Resource Pools by default) Lets you sort data by Resource Pools
- Account: (Set to All Account by default) Lets you sort data by Account.
- Status: (Set to All Status by default) Lets you sort data based on remediation status.
- Completed: Resources for which remediation is complete.
- Failed: Resources for which remediation action failed.
- Submitted: Resources for which remediation request has been submitted.
- In Progress: Resources for which remediation action is in progress.
- Date: (Set to Till Date by default) Lets you sort data according to the time period desired. The time frame can be chosen from:
- Las 24 hours
- Last 7 days
- Last 14 days
- Last 30 days
- Till date
- Tags: (Set to all tags by default) Lets you sort data by tag type.
- Configuration: (Set to All Configuration by default) Lets you sort data according to the type of remediation triggered.
- Auto: Displays resources for which auto-remediation has been enabled.
- On-Demand: Displays resources for which user has specified On-Demand remediation.
- Resource Type: (Set to All Resources by default) Lets you sort data according to type of resource required.
Triggering Remediation Action
It is possible to trigger remediation in a number of ways in BMC Helix Cloud Security:
- From the Resource Details page.
- From the Violations page.
- From the Violation Details page.
- From the Manage Policies page.
- From the Policy Details page.