The second tab in the Operate→Compliance form is to show all reports.
You'll first be shown a selection window. The first thing you need to do is select the Report type of the report you want to make. There are four report types:
For a policy report you need to select a policy. You can type it in by its name and then select it:
And node reports can be selected by node group. You can filter them by tag on the left input field, and select it on the right input field:
A grid will appear containing a preview of all the records that will be matched with these selection criteria. In the search columns of the preview you can also filter on each of the columns that appear. and you can save these reports as report templates for future use. A report template can be public, meaning that other people can use it too, or not, meaning that only you get to see it.
When you click on Show report, you'll get to see all policies or nodes that match your queries. Note that if there are also nodes that don't fit in your license, they also will not show up in these reports. If you double click on one of the rows in the preview grid, you get to see the report of that single row.
Compliance rules all have a severity. If you select by policy, and a node is not compliant, it will have the highest severity of all non-compliant rules (or simply a '-' if the node is compliant).
In case the policy on this node is compliant you will see a simple confirmation that it is compliant. In case the policy is not, you will see a detailed breakdown of what is wrong. You can download this report and save it to your system.
In the case of reports on entire nodes and policies, these reports have the potential to grow quite big. The detail level allows you to specify how much detail you want to see in your overall report, based on indentation. 'None' shows as little as possible, 'All' shows everything.
When you click on the download button, you can download a csv-version of this report. The detail level also is incorporated in this csv version, so with 'None' you'll just get a list of the main items. With higher levels you'll also get the report details with each failed entry.
If you want to have a more global overview of compliance, there is the dashboard.
The compliance dashboard allows you a global overview of the compliance across your whole environment. The dashboard consists out of three sections.
The top two bars show you an overview of the ratios of compliance for your policies and nodes. The right green part represents all compliant nodes and policies, and the other sections the non-compliant ones by severity. You can see the actual percentages when you hover your mouse over the bars.
The two right grids contain the exact information, but in grid form. The percentages can also be found here, including the exact amount of policies and nodes that have that status, under the '#'-column.
Since in a healthy environment most of the nodes and policies are compliant, the “Failed only”-checkbox hides these results from the bars and the grid, allowing you a more detailed look at the non-compliant nodes and policies.
Note that only licensed nodes are counted when compiling the summaries for this dashboard.
The compliance per policy grid gives a quick overview of all of your active policies. Any policy that does not have any licensed node is not shown. The middle column shows the number of nodes in this policy that are not compliant. The right column shows the amount that are. You can filter the middle column on severity to have it only show one particular severity (for example if you want to only see the policies that nave high risk issues).
If you want to retrieve the reports from the api, you can use the following command: