On This Page
Configuring Report Export
Overview
In report output configuration, there is an option for the on-event or scheduled report to be automatically exported to an external repository or portal:
Export settings for the entire SecureTrack system are defined in the Reports page: Settings > Configuration > Reports. Only a SecureTrack Administrator (Super Administrator in a Multi-Domain environment) can configure the Reports page. This page is also used for setting the report format and logo.
Export Settings
The export settings in the Reports page are:
Do Not Export Reports
In report output configurations, the export option is disabled.
Export Reports Using SCP
SecureTrack connects using SCP to the Destination host, using the specified User name and Password, and copies the report to the host's file system, to the specified Root URL in host (path on host to target location).
Folder structure defines how reports should be arranged in folders under the target location:
-
Single directory for all reports: All reports are placed directly in the target location.
-
Directory per report type: A folder is created for each report type (New revision report, Advanced change report, etc.).
-
Directory per context: In a Multi-Domain environment, the reports configured in each domain context are placed in a separate folder.
-
Export reports via user-defined script: This option is unavailable in TOS Aurora.
Export Reports via User-defined Script
Requirements
-
The user-defined script needs to be a Unix-formatted file written as a bash shell script.
-
The script should copy the report to a target that authorizes users: st and root
Copy the Script
-
Copy the script file to the SecureTrack host in: /tmp/export_report_script.sh
-
Set the script file permissions to 777 by running the following command:
-
Get the name of the device-collector pod by running the following command:
-
Copy the script file to the target location by running the following command:
kubectl cp /tmp/export_report_script.sh POD_NAME:/usr/local/st/scripts/
kubectl cp /tmp/export_report_script.sh POD_NAME:/usr/local/st/scripts/Where POD_NAME is the actual device-collector pod name obtained in the previous step.
SecureTrack will pass the following arguments to the script:
Argument |
Description |
---|---|
1 |
Source PDF file path and name |
2 |
Report owner |
3 |
Report name |
4 |
Report type |
5 |
In a Multi-Domain environment: Report context In a regular environment: This string is empty |
6 |
The string “-mgmt_id” |
7 |
The value of the management id |
8 |
The string “-version” |
9 |
The value of the policy version |
10 |
"-report_id" |
11 |
The value of the report output id. |
12 |
Revision ID |
When the triggering event parameter configured in Report > Report Configuration > ...Output > Send on Event occurs, SecureTrack will pass arguments 6-11 to the script.
The following sample script renames the file and copies it to /opt/tufin/logs/services/device-collector/ location on the SecureTrack host.