Creating a Rule Documentation Report

IPv6 is not supported for this TOS feature.

To configure a Rule Documentation report:

  1. Go to Report> General Reports and click New Report.

    New Report

    The report configuration wizard has 3 steps.

    Report 3 steps

  2. STEP 1: Configure the General Criteria and click Next.
    1. For ReportType, select Rule Documentation:
    2. Optionally, you can change the Title.By default, the report's general name with the current date is the report name.
    3. In a Multi-Domain environment, select the Domains that contain the devices you want to run the report on.
    4. Select Devices for the report.

      If you have selected one domain, you can limit the report to include specific devices in the domain.
      If you have selected more than one domain, then Any is selected for Devices, and all devices in the selected domains are included in the report.

    5. For Check Point devices, if you have selected one device, you can limit the report to include specific Policy Packages.If you have selected more than one device, then Any is selected for Policy Packages and all policy packages in the selected devices are included in the report.
  3. STEP 2: Configure the Specific Criteria as explained below and click Next.

    Rule documentation report specific

    Parameter

    Description

    Technical Owner

    Select any of the SecureTrack users who already appear as technical owners.

    Rule Description

    Select one of the Rule Description options:

    • Contains - The comment includes the text that you enter.
    • RegExp - The comment matches the Regular Expression that you enter.

    Ticket ID

    Select Any / Empty or Contains.For Contains enter the text that you want to match.

    Business Owner / Business Owner Email -

    A rule is considered a match when either the rule's Business Owner Name or Business Owner Email address exactly matches the text you type here.

    Expiration

    • Scheduled Report - Schedule a report to be sent at specific times that will include, either:
      Already expired - Rules with expiration dates in the past
      Expiring within - Rules that will expire during the next specified number of days.Enter the number of days.
      Already expired, or expiring within: - Both sets of rules

      If no rules match the expiration, SecureTrack sends a blank report.
    • Daily Alert - Sends a report of rules that expire on the day specified.For example, if you set the alert to 2 days, then on Monday you receive a report for all rules that expire on Wednesday.
      This report runs daily at the time specified in Output.If no rules expire on the specified day, SecureTrack sends a blank report.
  4. STEP 3: Configure the report Output as explained in the table below and click Save.
  5. The saved report appears in the General Reports list.From the list, you can Run (Run), Edit (edit domain), or Delete (Delete) it.

    Report Output only scheduling

    Parameter

    Description

    Periodic Scheduling

    Defines a recurring schedule for report generation.The report can be generated on a daily, weekly, or monthly basis.

    Delivery

    The report can be delivered in any of the following three ways:

    • Send report by email: The report is generated for each of the selected Recipients and emailed to them.The emailed report's formatting (embedded HTML, MHT attachment or PDF attachment) is globally configurable for all users.
    • Export report: This option is available only to SecureTrack Administrators, and only when enabled in the Reports page.A report is generated according to the owner's configured preferences and permissions, and exported according to the configuration in the Reports page.To be notified when a report is generated, select Email me when exported.
    • Save report in Repository: The report is saved and users can later view it by selecting the Reports Repository tab (in Report view).Select Email a link to have a link to the report sent to recipients when a report is generated, provided the recipient's email is configured.

    Recipients

    Recipients: The SecureTrack users who receive the report (or a link or notification).When a SecureTrack User creates a report, only that User is a recipient.When a SecureTrack Administrator creates a report, multiple recipients can be defined.These Recipients are SecureTrack Administrators or Users whose email addresses have been configured in SecureTrack.Other email addresses can be defined, separated by semicolons ( ; ) in the Additional Email Recipients text box.

    Note: In a Multi-Domain environment, administrators (Super and Multi-Domain) can only add users who have permissions for the current Global or Domain context. SecureTrack does not send the report if a specified recipient does not have permission for a device or Domain included in the report configuration when the report is generated.

    Additional Email Recipients

    Enter additional email recipient addresses.Separate the addresses with a semicolon (;).

    Email Subject

    You can click on the field buttons to add the fields to the subject line of the email notifications.

    • Report Fields: You can include the name of the report and the time that the report was generated.
    • Revision Fields: When the report is configured to Send on Event, you can include the name of the device, the revision number, the action that triggered the notification, the name of the administrator who did the action, and the ticket ID associated with the change in the new revision.

    Advance Settings

    Privacy

    • Hide administrator details - The report does not include the names of users that made changes to policies or the name of the report creator.

    Display Settings

    • Show textual configuration (Cisco only) (when ticket ID recognition is configured) - If selected, the rule Name and Comment fields are removed from the report results.Only the ticket ID is included.This is useful if ticket comments contain confidential information that should not be sent to report recipients, such as administrator details.