Incident Compliance Reports

Generate Incident Compliance reports to discover which incidents should be installed, or have already been installed, on which of your hosts. The report provides relevant information. The Incident report shows all incidents. The Incident Compliance report filters the list for what is relevant to each selected host.

To Filter an Incident Compliance Report

Filter an incident compliance report in the Incident Compliance Report Editor window. This report requires that you filter for incident name. You may choose all available incidents, to make a very general report; or you may choose a specific incident to get a report of host compliance on this particular set of packages.

1. In the Reports window, select Incident Compliance and then click the New button.

   The Incident Compliance Report Editor opens.

   Figure 13–3 Incident Compliance Report Editor

   
   

2. Click the Select button by the Hosts box.

   The Select Hosts window opens.

3. Select relevant hosts and click the Add button to add them to the Selected list.

4. Click OK.

   The selected hosts appear in the Hosts box.

5. Select one of the following status options:

   • Compliant. Show hosts that have the selected incidents installed.

   • Not Compliant. Show hosts that should have the incidents installed.

6. To check compliance with specific incidents, select the Select Incidents radio button and click the Select button next to the Name box.

   The Select window opens and shows incident names. Add the incidents on which you want the report.

7. To check compliance with incidents of categories or types, select the Filter radio button and then select categories and types of incidents (you must select one of each).

   Optionally, you can filter the incidents for date (see To Filter a Report by Date), included packages, and CVE ID (see To Filter a Report by Specific Package, CVE ID, or Incident

Viewing Incident Compliance Reports

After you select the criteria in the Incident Compliance Report Editor, you can generate the report, or name it and save it as a template. If you save it as a template, you can select the template and then click Report in the Reports window. Whether you generate the report from the editor window or from a template, the same Report window opens.

Each line in the Report shows the incidents you selected, or those that matched your filters, and the number of hosts with the compliance status that you selected (compliant or not compliant). If you selected compliant for status, the report shows how many of the selected hosts have this incident installed. If you selected not compliant, the report shows how many of the selected hosts should have this incident installed.

To see which hosts are counted in the row, select an incident name in the report and then click Details. A new Report window opens, displaying the host names and the number of packages needed for the selected incident.

To see package details, click Details again. The Report window is cleared, and then it displays the packages needed for the selected incident. It shows the versions that are currently installed and lists the versions that should be installed to finalize this incident.

To see informational details of an incident, select a line in the new report list and click Incident Information. The Incident Information window opens.

To Create an Incident Compliance Job

From the Incident Compliance report, you can create a job to install the packages that are related to a selected incident on the hosts selected in the report editor.

1. In the Incident Compliance Report Editor, select Not Compliant for the Status.

2. Select the remaining criteria for the report and then generate the report.

3. Select a specific incident and then click Details.

   The report shows the noncompliant hosts.

4. Select hosts and then click Details.

   The report shows the packages to install on the hosts.

5. Select packages and then click Send Job.

   The job installs the recommended version.