Navigating the Dashboard
To access the latest information about this topic and all Cloud Security releases, check out the Release notes and notices.
The BMC Helix Cloud Security Dashboard displays the compliance health of your environment at a glance, and enables you to customize the data based on filters you define. The dashboard shows current summary compliance statistics of your resources also displays clickable charts that enable to you traverse directly to specific resources, rules, or violations to policies. For capturing and sharing, you can export data to PDF format.
The Dashboard has the following elements:
| Screen element | Description |
|---|---|
| Top navigation bar items | |
| Dashboard | Displays the Cloud Security Dashboard with a current snapshot of your environment. Note View Only users cannot add or modify connectors, policies, exceptions, or users, nor can they add or invite new users to use Cloud Security. However, they can view and export the data to PDF. If no data is displayed on the Dashboard, View Only users are notified to contact their Tenant Administrator, who can perform all operations in Cloud Security. By default, the Dashboard shows all the scanned data till date. To fetch data for a specific scan period, select the period as favorite, such as last 7 days or last 24 hours.
For all the subsequent logins to Cloud Security, data is retrieved according to the selected scan period. |
| Resources | Displays a list of resources that are evaluated by Cloud Security. It also shows the compliance status of a resource, the connector associated with the resource, the associated policy, and other details. From the Resources page you can export data in the following formats: CSV: Exports the resource data to a zip file containing a CSV file for each policy and its properties. CSV files can be created for the second level Resource data. The naming convention of the CSV file (in above zip file) is: Evaluation.csv PDF: Exports the resource data to PDF. This functionality is available to both Admin and View Only users.
|
| Violations | Displays a list of rules that are evaluated by Cloud Security. For each rule, the list shows the total number of resources that are evaluated, the count of resources that are compliant, non-compliant, or indeterminate, the associated connector and policy, and the severity level. CSV: Exports the violations data to a zip file containing a CSV file for each policy and its properties. CSV files can be created for the second level Violations data. The naming convention of the CSV file (in above zip file) is: Evaluation.csv PDF: Exports the violations data to PDF. This functionality is available to both Admin and View Only users.
|
| Remediations | Displays a list of resources that are remediated by Cloud Security. In addition to the resource name, it also shows the remediation action required for the particular resource, the rule name that has been violated, the type of remediation trigger (On Demand or Auto), the name of the user, the date and the status of the remediation (Successful or Failed). A filter bar enables user to filter data according to connector type, status of remediation, date, tags, configuration or resource type. The Resource Name column now shows only resource name, although initial evaluated resources show resource name as well as connector name. From the Remediations page you can export data in the following formats: CSV: Exports the remediation data to a zip file containing a CSV file for each policy and its properties. The naming convention of the downloaded zip file is: Remediation-History-Date-Month-Year.zip; for example, Remediation-History-27-Jun-2017 The naming convention of the CSV file (in above zip file) is: Evaluation.csv The data listed under Remediation Trigger column in the BMC Helix Cloud Security UI can be found under the Configuration column when exported in CSV format. When data is exported from Remediations page in CSV format, the configuration column may not display that data in accordance with the selected filter (for older data, as the configuration column was not recorded earlier). This will not be an issue for freshly evaluated data. PDF: Exports the remediation data to PDF. This functionality is available to both Admin and View Only users. |
| Manage | Enables you to manage policies and exceptions in Cloud Security. |
| View Transactions | Displays the Transaction Utilization page which shows a graph and table of the total number of transactions per month over the last year. You can click Export to export the page to a PDF. |
| Sign Out | Logs you out of the Cloud Security application. |
| Scan duration selection | Filters the data on the dashboard according to a specified scan date range (Last 24 hours, Last 7 days, Last 14 days, Last 30 days, Till Date). Scan time selection customizes the display in all the charts. |
| Configure icon | Enables you to manage Users, Connectors, Notifications, Resource Pools and Organizations in Cloud Security. Cloud Security. |
| Filter bar items | |
| Connector | Filters the data by connector type. The default setting is All Connectors. To clear current selections and return to the default menu, click Clear selected items. |
Tags | Filters the data by tag, which is metadata related to specific resources (security groups, database instances, and so forth) represented as key-and-value pairs. Tags enable you to categorize a resource by purpose or other category. You can then search on that category and filter widget data using tag filters, which are available on the top-level dashboard, and Resources and Violations multi-level pages. The default setting is All Tags. The filter provides the following additional options:
If you are using Microsoft Azure and have scanned for multiple subscriptions, those subscriptions will be displayed as tags. So, in the following example, the Azure Client ID is mapped to two subscriptions, which display on the Dashboard and Resources page in the Tags menu when that Azure connector is selected. |
| Resource Type | Filters the data by resource type. The default setting is All Types. To clear current selections and return to the default menu, click Clear selected items. |
| Policy | Filters the data by policy type. The default setting is All Policies. To clear current selections and return to the default menu, click Clear selected items. |
| Severity | Filters the data by severity (Critical, High, Medium, or Low). The default setting is All Severity. To clear current selections and return to the default menu, click Clear selected items. |
| Clear | Clicking this button clears all filter selections to their default settings. |
| Export To PDF | Exports a current state snapshot of the dashboard to a PDF file (Dashboard.pdf) based on the filters defined. This functionality is available to both Admin and View Only users. |
| Widgets | |
| Total Evaluation | (Clickable) Shows the total number of evaluations that are compliant, non-compliant for a given tenant. |
| Total Resources | (Clickable) Shows the total number of resources that are compliant, non-compliant, and indeterminate that are evaluated for a given tenant. The total number and percentage of each resource category is displayed in the corresponding number/percentage item to the right of the chart. |
| Non Compliant Rules | (Clickable) Shows the current summary of compliance statistics of rule violations. |
| Non Compliant Resources | (Clickable) Shows the compliance distribution of resources. |
| Remediations Triggered | Shows the distribution of resources remediated, as well as the resources triggered during the current day. |
| Compliance Trend | Shows a compliant history trending graph of compliant resources over a selected scan time. |
| Non Compliant Rules vs Remediation | Shows the compliance trend of rule violations against the number of remediations. |
Total Evaluations widget
The Total Evaluations widget shows the total number of evaluations that are compliant, non-compliant, and indeterminate that are evaluated for a given tenant.
Click any of the states (Compliant, Non Compliant, and Indeterminate) to view the violations for each of the state. For example, if you click Compliant, the Violations page is displayed, which describes the compliant evaluations for the selected period.
Total Resources widget
The Total Resources widget shows the total number of resources that are compliant, non-compliant, and indeterminate that are evaluated for a given tenant. The total number and percentage of each resource category is displayed in the corresponding number/percentage item to the right of the widget (the highest number of resources are displayed to the left).
Clicking the Compliant item displays the Resources page with the Evaluation Status filter automatically set to Compliant, from which you can traverse directly to a specific resource.
Similarly, clicking the Non Compliant item displays the Resources page with the Evaluation Status filter automatically set to NonCompliant, and clicking the Indeterminate item displays the Resources page with the Evaluation Status filter automatically set to Indeterminate.
Note
When clicking the Back button on your browser to return to the Dashboard, the filter settings you previously applied do not change.
Non Compliant Rules widget
The Non Compliant Rules widget shows the current summary of compliance statistics of violations.
To show a summary of the data by severity, click By Severity. Clicking a section of the widget displays the Violations page with the Severity filter automatically set to the severity represented in the widget, from which you can traverse directly to a specific rule.
For example, in the following screens, clicking the Critical section of the widget or the numeric/percentage area below the widget displays the Violations page with the Severity filter automatically set to Critical.
To show a summary of the data by age, click By Age. Clicking a section of the widget or the numeric/percentage area below the widget displays the Violations page with all filters set to the default states, from which you can traverse directly to a specific rule.
Non Compliant Resources widget
The Non Compliant Resources widget shows the current compliance distribution of resources.
Clicking a section of the widget or the numeric/percentage area below the widget displays the Resources page with the with Evaluation Status filter automatically set to NonCompliant, and the Scan Date showing to the corresponding duration.
Remediations Triggered widget
The Remediations Triggered widget shows the distribution of remediations triggered.
The sections of the widget and the numeric/percentage area below the widget display the total number of successful, failed, and submitted (if applicable) remediations. The title above the widget displays the total number of remediations triggered during the current day. Every time a violation is detected in Cloud Security, a remediation is triggered and the widget and number/percentage area is incremented accordingly.
Compliance Trend widget
The Compliance Trend widget shows a compliant history trending graph of compliant resources over the selected scan duration. This widget enables you to quickly assess the health of your resources over a period of time. You can hover over a point in the graph to locate a specific number of resources for a given date. For example, in the following screen, for a scan time selection of 7 days, 24 resources were compliant on July 21, trending to its highest number of compliant resources in that time period on July 22.
Non Compliant Rules vs Remediation widget
The Non Compliant Rules vs Remediation widget shows the compliance trend of rule violations against the number of remediations.
The data trending chart shows the number or non-compliant rules at any given point in time. The vertical (Y) axis displays the number of violations and remediations at the selected scan duration, represented in the horizontal (X) axis.
Note
Comments
Log in or register to comment.