Working with reports

Viewing reports

A report is a set of saved filters and groupings on a set of findings. You can create reports from findings, and you can create a report from another report.

  • Compliance and vulnerability reports appear on Client tab.

  • Remote vulnerability reports appear on the Remote tab.

By default, users with the Comply Report Reviewer role can see all reports, even reports that target computer groups for which the user does not have management rights.

If the Report_mr_enabled setting is set to true, users can only see reports that target computer groups for which they have management rights. With this setting enabled, users can only see reports when they have management rights to all computer groups that the report targets. If a report targets multiple computer groups, but the user does not have management rights to one or more of the targeted computer groups, the user cannot see the report.

The Maintain_management_rights setting is set to false by default. When this is set to true, the management rights of a report's original creator are preserved when the saved action for the report is recreated. The saved action is recreated when the report schedule is edited or when a report vulnerability feed is updated. With this setting, users who are not administrators, can only change the schedule for reports they create.

Compliance report results

Click on a compliance report in the list to view the report details page. The details page is another view of the findings that were used to create the report. You can further refine or change the report by using the available filters and fields. Expand the triangle beside the report name to edit the Description and select a different Content Set.

 

Click the Cancel button to stop editing and return to the original report. Click the Revert button undo changes and return to the original report. Click the Save As button to create a new report using the applied filters.





Vulnerability report results

Click on a vulnerability report in the list to view the report details page. The details page is another view of the findings that were used to create the report. You can further refine or change the report by using the available filters and the Save As button to create a new report.

Click the Get More Details icon on a finding in a report for Remediation Instructions and a Solution.

Create a new report

Create a new report from the Comply > Reports > Client or Remote tab. Click the Create Report button and select a report type. This takes you to the Findings page for your selection. See Create reports from findings.


Integration with Patch

The scan engine in Comply scans for both vulnerability and operating system patch definitions. If you have Tanium Patch installed and the scan engine finds a vulnerability definition and a patch definition that are associated with the same CVE, Comply checks Patch for the necessary patch. If the patch is available in Patch, a Patch link displays in the Details section of the Get more details window.




Click the Patch link to open the corresponding page in Patch. From there, you can click Install to create an install deployment.

For more information, see Patch User Guide: Deploying patches.

Use Patch to deploy operating system patches and software updates to proactively remediate and eliminate software and operating system vulnerabilities before they are found by vulnerability reports.

Integration with Asset

When you filter findings by endpoint, you can click the Asset icon for an individual endpoint to view more details. From the details pop-up, you can click the View Details in Asset button to go to Tanium Asset.



View saved question

The Comply dashboard on the Overview page includes Tanium Trends boards that provide data visualization information for the Comply results described here: Trends.



Click the title for a board in the Summary section to view the saved question in Tanium Interact that retrieved the results for the selected board.
From the Saved Question view, you can click the Edit button to edit the question in Interact. See Managing save questions in the Tanium Console User Guide for detailed instructions.

Exporting remote vulnerability reports

Do the following to export a report.

  1. On the Reports page, select the Remote tab.
  2. Select a report and click the Export icon . You can only export one report at a time. If you have more than one report selected, the Export icon is not displayed.
  3. In the Export Report window, provide the following for each report type:
  4. Enter an Report Name.
  5. Optionally, enter a Description.
  6. Enter a File Name or use the pre-populated name.
  7. Select a Format: HTML or CSV.
  8. Click Export.

Click the Exports tab to view the status of the exported report. It will appear as Running until it's Complete.

Importing reports

  1. To import reports, go to the Reports > Exports tab.

  2. Select an exported report and click Download.
  3. Click the Download button to import a zip file containing the report.