Configuring Live Devices for Device Audit Report

Overview

To use the Device Audit report, SecureTrack Reporting Essentials (STRE) requires access to your devices directly. You must provide device credentials for each live device in the network zone on which the report runs. The same credentials can be entered once for multiple devices.

The segments and custom checks can include regex wildcards.

To configure offline devices, see Offline Devices.

Prerequisites

• Admin-level credentials for the devices being accessed

• Super admin permission levels in SecureTrack

• Credentials for managed devices identical to as management device.

Configure Device Credentials

1. Go to Settings > Setup Device Audit.

   The The Setup Device Audit Report page appears.

   The Configure Devices section shows the devices that can be included in the Device Audit report.

   

2. Above the list of devices, use the Domain (for multi-domain environments) and select the Vendor to filter the list of devices that appear.

   Click here for a full list of supported vendors.

3. In the device list, select all the devices that share the same set of credentials. Click the first checkbox to select all devices.

   The credentials that you enter will be used for all the selected devices.



4. Enter the device credentials (if they are not populated already).

   • Login Username

   • Login Password

   • (Cisco Only) Enable Password (Optional)

   • Port: Leave empty to use the default port: 443 for HTTPS and 22 for SSH.

5. After setting up device credentials, you can test them by clicking Test Credentials. During this process, STRE checks to see if it can reach the device with the credentials that you provided.

6. If communication between STRE and one or more devices failed, you will get a message and this icon appears:

   Click this icon to see alerts as to which devices failed. The icon disappears when all device credentials test successfully.

   

7. Click Save to save the credentials.

   If you want to stop the test credentials process, click Abort Test.

Define Segment

1. Go to Settings > Setup Device Audit.

2. Select the offline device.

3. In the Device Configuration Segments section, click Define Segment.

The Define Segment dialog box appears.



4. Enter the following information:

   • Segment Name

   • Segment Start Pattern: The characters that begin the segment.

   • Segment End Pattern: The characters that end the segment.

5. Click Add.

Configure Custom Checks

1. Go to Settings > Setup Device Audit.

2. Select the offline device.

3. In the Custom Checks section, click Add Check.

   The Add Custom Configuration Check dialog box appears.



4. In the Scope section, toggle Limit Search, to limit the check to a specific segment.

   If enabled:

   1. Select the segment.

   2. If you want to trigger a violation if the segment isn't found when running the report, select Trigger violation if segment isn't found during report run.

      Trigger violation if segment isn’t found during report run	Scenario	Outcome
      Enabled	Segment start pattern found	The program will look for a match against the search pattern string within the segment.
      	Segment start pattern or end pattern not found	The check will automatically be marked as a violation, and a notification will be included in the report output.
      Disabled	Segment start pattern found	The program will look for a match against the search pattern string within the segment.
      	Segment start pattern or end pattern not found	The check will automatically be classified as No Match. The report will trigger a violation only if the Violate on setting is No Match.

5. In the Verification section, enter the following information:

   • Name

   • Optional Description

   • Search Pattern: The pattern the report will search for.

6. In the Compliance section, select:

   • Violate on: Whether the report triggers a violation if a match is found or not found.

   • Severity

7. Click Add.