Compliance reports
The Compliance reports provide overview and detailed information about the compliance data. Two Regulatory dashboards show data from the compliance contents supplied by BMC. If you use compliance content supplied by BMC, you can use these dashboards for regulatory policies such as CIS, DISA, DISA STIG Revised, HIPPA, PCI, and SOX.
The information in Compliance reports is derived from the Compliance Job runs in TrueSight Server Automation servers. To collect data for the Compliance reports, you need to set up and run Compliance Jobs in TrueSight Server Automation. For more information, see Setting up data collection for Compliance reports.
SCAP reports are based on compliance analysis of the Security Content Automation Protocol (SCAP) benchmark content. To collect data for the SCAP Compliance reports, you need to set up and run SCAP Compliance Jobs in TrueSight Server Automation. For more information, see Creating and modifying SCAP Compliance Jobs in the TrueSight Server Automation documentation.
The following table summarizes the built-in Compliance reports. You can start with the Compliance Dashboard report to view the information and use drill-through columns to view detailed compliance information. For information about running these reports, see Running out-of-the-box reports.
Built-in Compliance reports
Report/Description | Columns | Prompts | View used |
---|---|---|---|
Compliance Dashboard Shows the graphical and tabular monthly trends for compliance activities grouped by OS. This report also provides the monthly compliance percentage in your environment. |
| Date Range | Compliance |
Compliance Summary By Policy Summarizes the compliance results for servers for a policy over a selected time interval. When you drill through a server count, you might see a less server count than the parent report because you might not have access to all the servers as per RBAC policy. |
|
| |
Compliance Summary By Server Summarizes the compliance results for policies for a server over a selected time interval. |
|
| |
Detailed Compliance Report Provides detailed information for the compliance rules for a policy on the server over a selected time interval. |
|
| |
Detailed Exceptions Report Provides detailed information for the compliance rules having exceptions for a policy over a selected time interval. |
|
| |
Compliance Trend By Policy Provides a graphical and tabular view of the compliance percentage and compliant servers for a policy over a selected time interval. |
|
| |
Compliance Trend By Server Provides a graphical and tabular view of the compliance data for a server for all policies over a selected time interval. |
|
| |
Compliance Policy Status Provides a graphical view of the following information for a specified policy:
This report provides overall results for a policy against distinct servers. For example, 3 job runs for a policy against 3,000 servers (1,000 distinct servers in each job run) would show on this report an overall compliance result of the latest jobs runs on distinct servers irrespective of multiple job runs. |
| Policy Name | |
Regulatory Dashboard: Regulatory Compliance Policy Dashboard Provides a graphical and tabular view of the regulatory compliance policies for latest job run data by policy type (for example, DISA and HIPPA) across all OS types. The dashboard includes the number of compliant and non-compliant servers, unknown servers, and the compliance percentage for a compliance policy type. This report displays latest job run data of each policy and its associated jobs. |
| None | |
Regulatory Dashboard: Regulatory Compliance Policy (OS) Dashboard Provides a graphical and tabular view of the regulatory compliance policies for latest job run data by policy. The dashboard includes the number of compliant and non-compliant servers, unknown servers, and the compliance percentage for a compliance policy type |
| Policy Name | |
SCAP: SCAP Summary By Benchmark Summarizes the SCAP compliance results for servers for a benchmark over a selected time interval. Note: The columns related to collection and data stream in this report output are based on SCAP version 1.2 components. In an SCAP Compliance report for SCAP version 1.0, these items are displayed as 'Not Applicable'. |
|
| SCAP |
SCAP: SCAP Summary By Server Summarizes the SCAP compliance results for benchmarks for a server over a selected time interval. Note: The columns related to collection and data stream in this report output are based on SCAP version 1.2 components. In an SCAP Compliance report for SCAP version 1.0, these items are displayed as 'Not Applicable'. |
|
| |
Detailed SCAP Report Provides detailed information for the SCAP compliance rules for a benchmark on the server over a selected time interval. Note: The columns related to collection and data stream in this report output are based on SCAP version 1.2 components. In an SCAP Compliance report for SCAP version 1.0, these items are displayed as 'Not Applicable'. |
|
|
Comments
Log in or register to comment.