Walkthrough: Reviewing the results of a compliance check
This topic walks you through the process of examining the results of a compliance check and then exporting those results into a report. This topic includes the following sections:
This topic is intended for system administrators or operators who are responsible for ensuring compliance in the data center.
The results of Compliance Jobs show how components satisfy or fail to satisfy the compliance rules established in a component template. (A component is a user-defined collection of server configuration settings that encapsulate a service, application, or security policy.) After running a Compliance Job, you can display job results in a tab in the content editor. The tab contains a hierarchical tree that shows results for each run of the job. The following nodes under each job run present different views of the results:
- Rules View—Organizes information according to the compliance rules defined for each component template.
- Server View—Organizes information according to the components found on each server.
Selecting nodes below the Rules View or Server View nodes displays details about each compliance rule that was analyzed. See Compliance statuses of compliance rules for a description of the possible compliance rules statuses.
What does this walkthrough show?
This walkthrough is targeted for compliance operators. It shows how to:
- Access the results of a compliance check.
- Examine the results of each compliance rule.
- Export the compliance results. Possible formats are HTML, CSV, Asset Reporting Format (ARF), and Assessment Summary Results (ASR). ARF and ASR are standardized formats used primarily for transporting information between organizations.
What do I need to do before I get started?
For this walkthrough, we have:
- Logged on as BLAdmin, the default superuser for BSA. In production environments, BMC recommends that you grant access based on roles with a narrower set of permissions. See Walkthrough: Restricting permissions for a Compliance officer.
- Run a Compliance Job, as described in Walkthrough: Compliance audit based on a policy.
- If you want to export results to the ARF or ASR format, you must enable that capability by using the blasadmin utility to run this command:
set Appserver EnableARFAndASRExecution true. Then restart the Application Server.
How to analyze and report on compliance status
In the Jobs folder, navigate to a Compliance Job. Right-click the job and select Show results. A tab at right shows the job results.
|2||In the job results tab, expand a job run and select the Server View node. The pane at right shows the total number of compliant rules and non-compliant rules on each target server.|
|3||Expand the Server View node, expand one of the servers listed under the Server View node, and then select one of the components that the Compliance Job is examining. The pane at right shows a list of compliance rule sets defined for that component. Rule sets and rules (children of rule sets) that are shown in bold red indicate that the target is not compliant for that rule.|
Expand the component you are examining to show a list of all rule sets examined by the Compliance Job. Expand a rule set to show all rules in the set, and then select a rule. The pane at right shows the rule text (similar to its display in the Rule Editor, but without the option of editing).
If the rule is non-compliant, the conditions in the rule that are found to be non-compliant on the server are displayed in red. When you click a condition displayed in red, the full details of the condition are displayed in another pane below, so that you can compare the actual value on the server with the expected value set in the compliance rule.
You can perform a similar examination from the Rules View node.
You can download results of a Compliance Job to formats that are easily read or analyzed: HTML or CSV. The example shown here is a small portion of some results exported to the HTML format.
You can also download results to standardized formats used to transport information across organizations: Asset Reporting Format (ARF) and Assessment Summary Results (ASR). Both formats generate XML files structured according to accepted standards. The example shown here is a portion of an ASR file, structured according to rule name.
By default, the Application Server is not configured to allow export to the ARF and ASR formats. To enable these types of exports, use the blasadmin utility to run this command:
Wrapping it up
Congratulations, you have successfully reviewed results of a Compliance Job and exported those results as reports using various formats.
Where to go from here
To learn more about creating and using Compliance Jobs, see Creating and modifying Compliance Jobs.