Live Reporting dashboard Compliance reports

This topic describes the reports that available when you click the Compliance tab on the Live Reporting dashboard. The topic includes the following sections:

Overview
Reviewing the compliance of your servers
Reviewing history of compliance on your servers
Reviewing cohort analysis of policy compliance on your servers
Changing the scope of the data

Overview

The Compliance tab lets you monitor the security controls in your managed environment. This critical information is important for auditors and to view your current level of system security.

For example, the TrueSight Server Automation administrator can use Live Reporting to answer the following questions:

How many servers are currently compliant and how many are non-compliant?
How many servers are policy compliant on a given week?
What percentage of my Red Hat servers display unacceptable policy compliance?

Note

The reports on this tab show only those servers for which the user (for example, BLAdmin) has access.

Reviewing the compliance of your servers

The Current View displays system-compliance by server in your managed environment. For example, you can easily review how many servers are enrolled versus how many servers are actually compliant.

This view contains the following reports, which allow the TrueSight Server Automation administrator to view the current state of the managed environment, relative to compliance status. To refine the scope, you can filter the data presented on the dashboard using the filter options.

If you hover above the report, the share and edit icons are displayed in the upper-right corner of the view.

Report	Description	Example screen
Enrolled Servers Summary	This report displays the total number of servers you are managing in your environment, as well as the distribution by OS type. The report also lists the number of servers that are currently not accessible (for example, the agent on the server is down, or is in a maintenance window).
Compliance Servers Summary	Displays total number of servers in your environment that your compliant activities are actually running against. This information lets you see if there are critical gaps that you must immediately fill to ensure that your coverage is complete.
Summary by OS (Non-distinct server count if multiple templates selected)	Displays total number of compliant versus non-compliant servers, separated by their operating system. Note: With the Non-distinct server count, each server is counted once, even if it you selected multiple component templates in the filter options. If you hover above the report, the view toggle icon is displayed (along with the standard share and edit icons) in the upper-right corner of the view. If you hover over a bar in the report, a popup with the OS and the number of servers running that OS is displayed. Clicking on a bar displays the Details by OS report, which provides a list of the servers running that OS, the Compliance Job name that ran on the server, and the compliance status for the server.
Compliance Run Progress Status (Non-distinct server count if multiple templates selected)	Displays current status of servers with how many policies are completed with warnings, how many pending, and so on. Note: With the Non-distinct server count, each server is counted once, even if it you selected multiple component templates in the filter options. If you hover above the report, the view toggle icon is displayed (along with the standard share and edit icons) in the upper-right corner of the view. Note: There is no Failed compliance run so the Failed icon in the legend of the image to the right is not applicable to this view.
Summary by Policy (Top 10 by most analyzed server)	Displays the top 10 policies used in the analysis, and the number of analyzed servers for each, based on the current snapshot. If you hover above the report, the view toggle icon is displayed (along with the standard share and edit icons) in the upper-right corner of the view. The toggle icon enables you to switch between the graph view, shown in the first figure, and the table view, which is shown below it.
	Clicking on a policy name displays the Details by Policy report, shown on the right. The report displays which servers were analyzed, the name of the Compliance Job, the number of rules that passed and the number of rules that failed on each server.
Non-Compliant Servers (Top 10 by most failed rules)	Displays the top 10 servers which have had the highest number of failed rules during the latest run. This information is useful to troubleshoot problems in your environment, to see which servers are the most non-compliant, in order to take the appropriate corrective measures. If you hover above the report, the view toggle icon is displayed (along with the standard share and edit icons) in the upper-right corner of the view. Clicking on a row displays the Non-Compliance Servers Detail report. This report displays the component template name, the Compliance Job name, the number of rules evaluated, and the number of rules that failed.

Reviewing history of compliance on your servers

The Historical View displays reports which lets you quickly view how many servers are compliant and how many are non-compliant over a given date range (for example, day, week, month, quarter, or year). This view lets you see how a trend of compliance is progressing in your environment.

If you hover over the view, the view toggle icon is displayed (along with the standard share and edit icons) in the upper-right corner of the view. The toggle icon enables you to switch between the chart version of the report, and the line graph version of the report.

If you hover over any of the data points in the chart, you are presented with a pop-up containing links to drill down reports with more information.

Reviewing cohort analysis of policy compliance on your servers

The Cohort Analysis displays the percentage of policy compliance for your server groups (for example, All Windows servers or All Red Hat servers).

In addition, you can do a deep drill-down to review the compliance status of a group of servers. To do so, click on any of the cells in the table. The Compliance Cohort Details report is displayed.

This report provides details for the compliance status of a specific server server.

Changing the scope of the data

For both the current view and the historical view, you can change the scope of the data displayed in the report by changing the filter options on the right side of the report. To refine the scope, you can filter the data presented on the dashboard using the following options:

Time period - Select a time period from the drop-down list. You can choose between the last 24 hours or intervals that span up to the last 90 days. The default is 24 hours.
Time range - Select a specific range of days by using the calendar icons next to the From and To fields.
Customer - Out-of-the-box property that you can select to filter the data by customer.
Location - Out-of-the-box property that you can select to filter the data by location.
Server group - Click Select to choose a specific server group for which you want to see compliance data. All static and smart groups are listed. You can select up to 10 server groups.
Template name - Choose a component template for which you want to see compliance data.
Role - This option is available only if you have launched the dashboard from a browser, and if the TrueSight Server Automation user that is logged on is assigned multiple roles.