Report Settings

When creating or editing a report, you need to configure the report settings. These settings are used to define the report domain devices, recipients, and schedule (for recurring reports), as well as additional information required for the report. Some settings are the same for all report templates, while others are specific to an individual template. The report settings are initially configured when creating a report (Create Report tab), and you can reuse these settings when editing an existing report to make changes (Saved Reports tab).

Report settings are configured in the Setup page for the report.

The following settings apply to all report templates:

Setting Category

Fields

General

Report name

Domains
  • Select domain
  • Select device(s) - For some reports, you can select multiple devices or device groups.

Email

To Email Address: The recipients for notification emails

Use a semicolon (;) to separate multiple email addresses

Schedule
  • Repeats
  • Days of the week
  • Time 

The following settings apply to specific report templates:

Report Template

Setting Category

Settings

Business Ownership Changes

 
  • Revisions: Displayed when you select a device
  • Dates: Displays when you select more than one device.

Select Revision options (single device selected)

  • Start Revision
  • End Revision

Select Dates (multiple devices selected)

  • Start Date
  • End Date

Device Audit

Audit

Select CIS audit paragraphs for inclusion (e.g. CIS 1.3.1 password complexity), all selected by default.

The options are grouped into sub-categories: Settings, password rules, authorization, services, user ID, high availability, dynamic updates, Wildfire and security profiles/

Device credentials must be set up before running this report.

Policy Analysis

Policy Data
  • Source: Gets an IP address and CIDR separated by a colon.

    Example: 1.1.1.1:32

  • Destination: Gets an IP address and CIDR separated by a colon.

    Example: 2.2.2.0:24

  • Service/Application: For services, enter protocol (tcp and udp) and port separated by a colon.

    Example: tcp:80 or udp:21.

    For applications, use the search icon to search for predefined applications

Data options:

  • Negate - Click to exclude rules that match the information entered in the query
  • Exclude Any - Click to exclude services/objects with "Any"

Filter options:

  • Select Shadowing: Select a shadowing option for filtering rules.

    • Shadowed rules are rules that match the query, but will never actually handle any of the traffic included in the query as the traffic is handled by a rule or rules higher up in the rulebase.

    Since not all rules have a shadowing status in SecureTrack, some rules that match the traffic defined in rules that are higher up in the rulebase may be returned in the report output. Errors will be added to the STRE log file.

  • Select Action: Select a rule action for filtering rules: Accept, Drop or Any (both Accept and Drop)
  • Simulate NAT: When set, NAT simulation is used when calculating the path
  • Last Installed Revision: When set, the simulation uses the last installed policy. If there is no installed policy, the last saved policy is used
  • Display Blocked Status: When set, blocked traffic icons are displayed next to devices blocking the traffic
  • Show Broken Paths: When set, all nodes in the path are displayed, even if the node cannot reach the destination, or if the source and destination are the same.

Rule Analytics

Rules

Search - Autocomplete search field for rule values

Rule and Object Changes

Revisions category displays when you select a device

Select Revision options

  • Start Revision
  • End Revision

Security Best Practices

Best Practices
  • Best Practices Type
  • Names - Best practice use cases
  • Values
  • Severities

Security Violations

Domains

  • Select Matrix(es)
  • Custom Filters - options to exclude rules

Shadowed Rules

Domains
  • Custom Filters - options to exclude rules

Unified Security Compliance

Domains

Select Matrix