Chapter 13 Reports

This chapter describes Sun Update Connection – Enterprise reports. This chapter defines each report, shows how to access them, customize them, and understand the report results. Reports enable you to better manage your machines, with regards to patch and incident management.

This chapter covers the following topics:

• Terms

• Report Explanations

• Generating Reports

• Filtering and Viewing Incident Reports

• Incident Compliance Reports

• Host Compliance Reports

• CVE Compliance Reports

• Package Compliance Reports

• Service Pack Compliance Reports

• Job History Reports

• Managing Reports

Terms

This chapter uses the following terms:

Enhancement

Package provided by and defined by a distribution vendor as a fix that is neither security nor bug fix, but which enhances an earlier package.

Patch

Sun Solaris binary, named in a numbering system, that adds some type of fix to an already installed PKG.

Nonpatch

RPMs from Linux advisories or PKGs from Sun Freeware, which provide a fix to an existing package; not as a binary to be added to a package, but as a standalone package.

Incident

Fix for an application or feature that may include a number of packages.

Channel

Linux distribution version or Solaris version, and hardware architecture.

CVE ID

Patches and packages from the list of candidates to be published as common vulnerabilities and security exposure incidents (also known as CVE ID). See http://cve.mitre.org/cve/index.html.

Compliant

Host has the patch, package, incident, or profile installed.

Service Pack

Mass release of packages by a distribution vendor, which when installed will solve various incident issues.

Report Explanations

Reports offer access to the latest patches, fixes, and incidents. There is also a report type for Sun Update Connection – Enterprise job history, for general job auditing.

When you ask that a report be generated, you select the criteria that are relevant to you, such as host list and whether you want to know which hosts have a specific patch or whether you want to know which do not. The report that is generated is a table of information that you can easily review for efficient, up-to-date management of all your hosts.

• Incidents – Basic information of all known distribution and local incidents.

• CVE Compliance – Incidents that belong to a given CVE ID.

• Host Compliance – Reports on whether hosts are compliant to security and bug fix incidents.

• Incidents Compliance – Mapping between selected incidents and selected hosts; to find if incidents are installed.

• Package Compliance – Incidents relevant to selected packages.

• Service Pack – Incidents created by the publication and release of a service pack by a vendor.

• Jobs History – History of installs and uninstalls done by Sun Update Connection – Enterprise on managed hosts.

Reports enable you to check for new patches, security advisories, and so on. You can get a general report, or test a host or installed package for available fixes. You can search for specific Solaris patches by their CVE IDs.

Generating Reports

When you open the Reports window, there is a list of types of reports. You select the type that you want, fill in the criteria options, and then decide whether you want to generate the report immediately, or save the criteria as a report template.

To Access Reports

1. Do one of the following:

   • From the tool bar, click the Reports button.

   • From the Tools menu, choose Reports.

     The Reports window opens.

     

2. Select one of the report types.

3. From the tool bar of the Reports window, click the New button.

   A Report Editor window opens where you choose the criteria to create the new report. Each report type opens a different Report Editor window.

4. Type a unique name for the new report and an optional, free-text description.

5. Choose the relevant criteria.

6. Do one of the following:

   • Click Report.

     A report is displayed in a Report Result window. The columns of this window differ between the types of reports.

   • Click Save.

     The report criteria are saved as a template, under the report type. Select the report template and click Report to get current results, as often as you like.

Filtering and Viewing Incident Reports

Generate Incident reports to get a list of incidents linked to packages, CVE IDs, or just a general list of incidents. This report does not tell you if your hosts are compliant with the incidents. It provides information about incidents of filtered categories and types, or a complete list of incidents for a channel.

When an incident is published by a vendor, it contains more than the packages; it also contains information on the source issue of the incident and why the packages included are needed. You can access this information as well through the Incident report.

To Filter an Incident Report

Filter an incident report in the Incident Report Editor window. The criteria that you select can create a large general list or a specific query.

1. In the Reports window, select Incidents and then click the New button.

   The Incidents Report Editor opens.

   

2. Select categories and types of incidents that are relevant to the report.

   You must select at least one category and one type.

3. Click Report now if you do not want to apply more filters.

To Filter a Report by Date

1. Click the Select Dates button.

   The Select Dates window opens.

2. Select a date range:

   • Relative. Specify how many days since the incident was published.

   • Range. Click the Select Dates buttons to specify a start date and an end date for the time range.

   If the date is not important, leave the default Any date selected.

To Filter a Report by Channel

1. Click the Select button next to the Channel box.

   The Channel Select window opens.

2. Select relevant channels.

   To select multiple channels, use the Shift key or the Ctrl key. To select all, type Ctrl+A.

3. Click OK.

   The selected channels appear in the Channel box of the Report Editor.

To Filter a Report by Specific Package, CVE ID, or Incident

1. Click a Select button.

   The Select window opens and shows the filter names.

2. Select relevant items and click Add.

3. Click OK.

Viewing Incident Reports

After you select the criteria in the Incident Report Editor, you can generate the report, or name it and save it as a template. If you save it as a template, you can select the template and then click Report in the Reports window. Whether you generate the report from the editor window or from a template, the same Report window opens.

Figure 13–1 Report Window – Incidents

Each line in the Report shows the incident name (defined by vendor), category, type, channel, and release date. It shows the number of packages that belong to this incident.

To see package details of an incident, select an incident name in the report and then click Details. A new Report window opens, displaying the packages needed for the selected incident. The Recommended columns list the latest incident name and package version that is recommended for you to install. If an incident is a newer fix to a previous incident, the recommended incident shows which incident (and installation of its packages) will bring your systems most up-to-date.

To see informational details of an incident, select a line in the new report list and click Incident Information. The Incident Information window opens.

Figure 13–2 Incidents Information

The Incident Information window has the following tabs:

• General. Includes the name, category of incident, summary (if the vendor published one), date released, and type (nonpatch or patch).

• CVE. Shows the ID in the CVE list.

• Package. Shows the list of packages that are related to this incident.

• Obsolete. Shows the list of incidents that are made obsolete by this incident.

• URL. Shows the reference to more information published by the vendor.

Incident Compliance Reports

Generate Incident Compliance reports to discover which incidents should be installed, or have already been installed, on which of your hosts. The report provides relevant information. The Incident report shows all incidents. The Incident Compliance report filters the list for what is relevant to each selected host.

To Filter an Incident Compliance Report

Filter an incident compliance report in the Incident Compliance Report Editor window. This report requires that you filter for incident name. You may choose all available incidents, to make a very general report; or you may choose a specific incident to get a report of host compliance on this particular set of packages.

1. In the Reports window, select Incident Compliance and then click the New button.

   The Incident Compliance Report Editor opens.

   Figure 13–3 Incident Compliance Report Editor

   
   

2. Click the Select button by the Hosts box.

   The Select Hosts window opens.

3. Select relevant hosts and click the Add button to add them to the Selected list.

4. Click OK.

   The selected hosts appear in the Hosts box.

5. Select one of the following status options:

   • Compliant. Show hosts that have the selected incidents installed.

   • Not Compliant. Show hosts that should have the incidents installed.

6. To check compliance with specific incidents, select the Select Incidents radio button and click the Select button next to the Name box.

   The Select window opens and shows incident names. Add the incidents on which you want the report.

7. To check compliance with incidents of categories or types, select the Filter radio button and then select categories and types of incidents (you must select one of each).

   Optionally, you can filter the incidents for date (see To Filter a Report by Date), included packages, and CVE ID (see To Filter a Report by Specific Package, CVE ID, or Incident

Viewing Incident Compliance Reports

After you select the criteria in the Incident Compliance Report Editor, you can generate the report, or name it and save it as a template. If you save it as a template, you can select the template and then click Report in the Reports window. Whether you generate the report from the editor window or from a template, the same Report window opens.

Each line in the Report shows the incidents you selected, or those that matched your filters, and the number of hosts with the compliance status that you selected (compliant or not compliant). If you selected compliant for status, the report shows how many of the selected hosts have this incident installed. If you selected not compliant, the report shows how many of the selected hosts should have this incident installed.

To see which hosts are counted in the row, select an incident name in the report and then click Details. A new Report window opens, displaying the host names and the number of packages needed for the selected incident.

To see package details, click Details again. The Report window is cleared, and then it displays the packages needed for the selected incident. It shows the versions that are currently installed and lists the versions that should be installed to finalize this incident.

To see informational details of an incident, select a line in the new report list and click Incident Information. The Incident Information window opens.

To Create an Incident Compliance Job

From the Incident Compliance report, you can create a job to install the packages that are related to a selected incident on the hosts selected in the report editor.

1. In the Incident Compliance Report Editor, select Not Compliant for the Status.

2. Select the remaining criteria for the report and then generate the report.

3. Select a specific incident and then click Details.

   The report shows the noncompliant hosts.

4. Select hosts and then click Details.

   The report shows the packages to install on the hosts.

5. Select packages and then click Send Job.

   The job installs the recommended version.

Host Compliance Reports

Generate Host Compliance reports to discover hosts should be updated for security fixes. You may choose to get a report that lists hosts that are compliant; or a report of those that need to be fixed. The security issues could be of those incidents that are security; or it could include both security and bug fixes.

To Filter a Host Compliance Report

Filter a host compliance report in the Host Compliance Report Editor window. This report requires that you filter select an option from each filter.

1. In the Reports window, select Host Compliance and then click the New button.

   The Host Compliance Report Editor opens.

   Figure 13–4 Host Compliance Report Editor

   
   

2. Select hosts for the report.

   See To Filter an Incident Compliance Report.

3. Select status options:

   • Compliant. Show hosts that are compliant with known security incidents.

   • Not Compliant. Show hosts that need management to be compliant.

4. Select level of incidents:

   • Security. Show security incidents

   • Bug fix. Show security and bug fix incidents

Viewing Host Compliance Reports

After you select the criteria in the Host Compliance Report Editor, you can generate the report, or name it and save it as a template. If you save it as a template, you can select the template and then click Report in the Reports window. Whether you generate the report from the editor window or from a template, the same Report window opens.

Each line in the Report shows the hosts you selected and the number of incidents with the compliance status that you selected (compliant or not compliant). If you selected compliant for status, the report shows how many incidents have been installed on each of the selected hosts; if you selected not compliant, the report shows how many incidents should be installed on each host.

To see which incidents are counted in the row, select a host name in the report and then click Details. The report displays the incident names.

To see package details, click Details again. The report displays the packages needed for the selected incident. It shows the versions that are currently installed and lists the versions that should be installed to finalize this incident.

To see informational details of an incident, select a line in the new report list and click Incident Information. The Incident Information window opens.

To Create a Host Compliance Job

From the Host Compliance report, you can create a job that will install the packages related to needed incidents on the selected hosts.

1. In the Host Compliance Report Editor, select Not Compliant for the Status.

2. Select the remaining criteria for the report and then generate the report.

3. Select a specific host and then click Send Job.

   The job installs the recommended version of each package.

   Optionally, you can send the job from the report windows opened after clicking Details, to create a smaller job, of selected incidents, or selected packages.

CVE Compliance Reports

Generate CVE Compliance reports to find incidents related to specific CVE IDs and the hosts that should have these incidents installed.

To Filter a CVE Compliance Report

Filter a CVE compliance report in the CVE Compliance Report Editor window. This report requires that you filter select an option from each filter.

1. In the Reports window, select CVE Compliance and then click the New button.

   The CVE Compliance Report Editor opens.

   

2. Select hosts for the report.

   See To Filter an Incident Compliance Report.

3. Select one of the following status options:

   • Compliant. Show hosts that are compliant with known security incidents.

   • Not Compliant. Show hosts that need management to be compliant.

4. Select the CVE IDs that you want Sun Update Connection – Enterprise to match to incidents.

   See To Filter a Report by Specific Package, CVE ID, or Incident.

Viewing CVE Compliance Reports

After you select the criteria in the CVE Compliance Report Editor, you can generate the report, or name it and save it as a template. If you save it as a template, you can select the template and then click Report in the Reports window. Whether you generate the report from the editor window or from a template, the same Report window opens.

The Report shows the CVE IDs you selected and the number of incident-packages with the compliance status that you selected (compliant or not compliant). If you selected compliant for status, the report shows how many packages have been installed on each of the selected hosts to be compliant with an incident. If you selected not compliant, the report shows how many packages should be installed on each host for incidents of this CVE ID.

To see which incidents are counted in the row, select a host name in the report and then click Details. The report displays the incident names and the packages of each incident.

To see informational details of an incident, select a line in the new report list and click Incident Information. The Incident Information window opens.

To Create a CVE Compliance Job

From the CVE Compliance report, you can create a job that will install, on the selected hosts, the packages needed to resolve the CVE ID and the incidents related to it.

1. In the CVE Compliance Report Editor, select Not Compliant for the Status.

2. Select the remaining criteria for the report and then generate the report.

3. Select listed CVE IDs and then click Details.

   The report shows the packages to install.

4. Select packages and then click Send Job.

   The job installs the recommended version of each package.

Package Compliance Reports

Generate Package Compliance reports to find incidents related to specific packages. For example, if you have a mission-critical application, use the Package Compliance Report to discover is there are new incidents related to this application and to make sure you have up-to-date versions of relevant packages.

To Filter a Package Compliance Report

Filter a Package Compliance report in the Package Compliance Report Editor window. This report requires that you filter select an option from each filter.

1. In the Reports window, select Package Compliance and then click the New button.

   The Package Compliance Report Editor opens.

   

2. Select hosts for the report.

   See To Filter an Incident Compliance Report.

3. Select one of the following status options:

   • Compliant. Show hosts that are compliant with known security incidents.

   • Not Compliant. Show hosts that need management to be compliant.

4. Select one of the following level options:

   • Security. Show security incidents.

   • Bug fix. Show security and bug fix incidents.

5. Select the packages that you want Sun Update Connection – Enterprise to match to incidents.

   See To Filter a Report by Specific Package, CVE ID, or Incident.

Viewing Package Compliance Reports

After you select the criteria in the Package Compliance Report Editor, you can generate the report, or name it and save it as a template. If you save it as a template, you can select the template and then click Report in the Reports window. Whether you generate the report from the editor window or from a template, the same Report window opens.

The Report shows the packages you selected and the number of hosts and incidents with the compliance status that you selected (compliant or not compliant). If you selected compliant for status, the report shows how many hosts have this package to be installed; if you selected not compliant, the report shows how many hosts need this package to be installed.

To see which incidents and hosts are counted in the row, select a package name in the report and then click Details. The report displays host names and incidents, what is installed on the hosts and what is recommended for installation.

To see informational details of an incident, select a line in the new report list and click Incident Information. The Incident Information window opens..

To Create a Package Compliance Job

From the Package Compliance report, you can create a job that will install, on the selected hosts, the package version need to resolve the incident.

1. In the Package Compliance Report Editor, select Not Compliant for the Status.

2. Select the remaining criteria for the report and then generate the report.

3. Select listed packages and then click Details.

   The report shows the hosts on which the package should be installed.

4. Select packages and then click Send Job.

   The job installs the recommended version of each package.

Service Pack Compliance Reports

Generate Service Pack Compliance reports to find if your hosts have the latest service packs provided by vendors.

To Filter a Service Pack Compliance Report

Filter a Service Pack Compliance report in the Service Pack Compliance Report Editor window. This report requires that you filter select an option from each filter.

1. In the Reports window, select Service Pack Compliance and then click the New button.

   The Service Pack Compliance Report Editor opens.

   

2. Select hosts for the report.

   See To Filter an Incident Compliance Report.

3. Select one of the following status options:

   • Compliant. Show hosts that are compliant with known security incidents.

   • Not Compliant. Show hosts that need management to be compliant.

4. Select the service packs that you want Sun Update Connection – Enterprise to match to the selected hosts.

   See To Filter a Report by Specific Package, CVE ID, or Incident.

Viewing Service Pack Compliance Reports

After you select the criteria in the Service Pack Compliance Report Editor, you can generate the report, or name it and save it as a template. If you save it as a template, you can select the template and then click Report in the Reports window. Whether you generate the report from the editor window or from a template, the same Report window opens.

The Report shows the service packs you selected and the number of packages with the compliance status that you selected (compliant or not compliant, with the service pack). If you selected compliant for status, the report shows how many packages of the service pack are installed on the host; if you selected not compliant, the report shows how many packages this host needs to install.

To see which packages are counted in the row, select a host name in the report and then click Details. The report displays host names and packages, what version is installed on the hosts and what version is recommended for installation.

Running Service Pack Compliance Jobs

From the Service Pack Compliance report, you can create a job to install, on the selected hosts, the package version need to install the service pack contents.

To Create a Service Pack Compliance Job

1. In the Service Pack Compliance Report Editor, select Not Compliant for the Status.

2. Select the remaining criteria for the report and then generate the report.

3. Select listed packages and then click Details.

   The report shows the hosts on which the packages should be installed.

4. Select packages and then click Send Job.

   The job installs the recommended version of each package.

Job History Reports

Generate Job History reports to get a detailed history of the install and uninstall actions taken on hosts throughout Sun Update Connection – Enterprise management. This report also shows which user made the deployments, enabling you to track a team of operators.

To Filter a Job History Report

Filter a Job History report in the Job History Report Editor window. This report requires that you filter select an option from each filter.

1. In the Reports window, select Job History and then click the New button.

   The Job History Report Editor opens.

   

2. Select hosts for the report. See To Filter an Incident Compliance Report.

3. Select one of the following level options:

   • Security. Show security incidents.

   • Bug fix. Show security and bug fix incidents.

4. Select relevant dates.

   See To Filter a Report by Date.

5. Select one of the following action options:

   • Installs. Show details of installations done on the selected hosts and dates.

   • Uninstalls. Show details of uninstallations done on the selected hosts and dates.

Viewing Job History Reports

After you select the criteria in the Job History Report Editor, you can generate the report, or name it and save it as a template. If you save it as a template, you can select the template and then click Report in the Reports window. Whether you generate the report from the editor window or from a template, the same Report window opens.

The Report shows the date and time that an action was done, what the action was and on what component and host, the job that called for the action, and the user that created the job.

Managing Reports

You can copy, edit, and delete report templates. You create a report template by saving the criteria of a report.

If you generate the report without saving, these features are not available. In addition, these features are not applicable to the default report types.

After a report is generated, you can perform various actions with it.

Managing Report Templates

• To delete a report, select a report template that you created and then click the Delete button in the tool bar.

• To edit a report, select a report template that you created and then click the Edit button in the tool bar.

• To create a new report or report template based on a previously created template, select a report template shown under a default report type, and click the Copy button in the tool bar.

Managing Report Results

• To save the report results in a text file, click the Save button.

• To print the report, click the Print button.

• To email the report, click the Send button.

• To get more details on a selected item in the report, click the Details button.

• To create a job that will fix the compliance issues, click the Run button.