Introduction
StorageGuard reports can be generated in the PDF, Word or CSV formats, and scheduled to run automatically. Scheduled reports can either be sent by emails to appropriate recipients or saved to the file system. Vulnerability and Security Misconfiguration CSV reports can be generated automatically on a schedule and saved to a folder (local or remote). Applications capable of processing CSV files (such as Splunk) can in turn read the data off the CSV file and use it. For example, the data can be stored in a central CMDB or used to open an Incident or Problem ticket in an ITSM system.
The following sections describe the fields of the Vulnerability and Security Misconfiguration report CSV exports.
Vulnerability CSV Export
The following table describes the data fields presented in the Vulnerability CSV Export.
Field name |
Description |
Possible Values |
Examples |
Risk Id |
The finding (risk) id in the StorageGuard system. |
N/A |
|
First Detected |
The first seen timestamp for the finding (risk) |
timestamp |
12/12/2021 8:25:21 PM |
CI Site |
The name of the site where the CI is located |
N/A |
|
CI Name |
The name of the affected Configuration Item (CI) |
N/A |
|
CI Type |
The type of the affected Configuration Item (CI) |
N/A |
Pure FlashArray |
Result |
Describes whether the check passed successfully or failed for the CI, or if the check was not applicable |
PASS, FAIL, N/A |
|
Check Name |
The value includes the system type followed by the term "vulnerability analysis:" |
N/A |
NetApp cDOT vulnerability analysis |
CVSSV3 Score |
A numerical (0-10) representation of the severity of the security vulnerability. |
0-10 |
9.8 |
Security Advisory ID |
The vendor security advisory id |
N/A |
NTAP-20190905-0003 |
CVE Labels |
A comma-separated list of CVE vulnerabilities associated with this risk |
N/A |
CVE-2018-5498 |
Source Publication |
Hyperlink to the security advisory or CVE source publication |
N/A |
|
Severity |
Describes the severity of the finding (risk) |
Low, Medium, High, Critical |
|
Risk Status |
Describes the current status of the finding |
OPEN, REOPEN, CLOSED |
|
Vulnerable Version |
Returns the currently installed (vulnerable) version |
N/A |
9.6P6 |
CVE Description |
Returns a paragraph outlining the risk details (problem description) |
N/A |
|
Action Item |
Returns information about the remediation guidance |
N/A |
|
Impact |
A paragraph describing the consequences that the issue may cause |
N/A |
|
CI Last Successful Scan |
Returns the timestamp of the last successful scan of the CI |
timestamp |
|
Risk Note |
User note regarding the risk |
N/A |
|
CI Note |
User note regarding the CI |
N/A |
|
Last Detected |
The last seen timestamp for the finding (risk) |
timestamp |
|
CI Policy Name |
Comma-separated list of StorageGuard security policies associated with this check |
N/A |
|
CI IP Address |
The IP address of the CI |
N/A |
192.168.65.3 |
Security Misconfiguration CSV Export
The following table describes the data fields presented in the Security Misconfiguration CSV Export.
Field name |
Description |
Possible Values |
Examples |
Risk ID |
The finding (risk) id in the StorageGuard system. |
N/A |
|
First Detected |
The first seen timestamp for the finding (risk) |
timestamp |
12/12/2021 8:25:21 PM |
CI Site |
The name of the site where the CI is located |
N/A |
|
CI Name |
The name of the affected Configuration Item (CI) |
N/A |
|
CI Type |
The type of the affected Configuration Item (CI) |
N/A |
Pure FlashArray |
Result |
Describes whether the check passed successfully or failed for the CI, or if the check was not applicable |
PASS, FAIL, N/A |
|
Check Name |
The value consists of a Check UID and a Name |
N/A |
K030CI000377: Root squash is enforced |
Security Principle |
A short text describing the high-level security best practice (principle) this check relates to |
0-10 |
9.8 |
Impact Category |
Describes the area of the finding |
N/A |
Authentication Encryption |
Security Labels |
A comma-separated list of labels describing associated standards and sources for the security requirement |
N/A |
CIS Control 4.1, NIST SP800-53 AC-2, PCI DSS 7.1, EMC Security Guide |
Violation Details |
Lists he misconfigured setting and its value |
N/A |
|
Customizable Parameters |
Lists any available customizable parameters for this check and the configured value. |
N/A |
Minimum password length: 8 |
Risk Status |
Describes the current status of the finding |
OPEN, REOPEN, CLOSED |
|
Summary |
A single sentence describing the finding (risk) briefly |
N/A |
|
Description |
Returns a paragraph outlining the risk details (problem description) |
N/A |
|
Resolution |
Returns a description of the steps, commands or API calls that can be used to remediate the risk |
N/A |
security login banner modify -message {param1} # param1 the required legal notice |
Impact |
A paragraph describing the consequences that the issue may cause |
N/A |
|
CI Last Successful Scan |
Returns the timestamp of the last successful scan of the CI |
timestamp |
|
Risk Note |
User note regarding the risk |
N/A |
|
CI Note |
User note regarding the CI |
N/A |
|
Last Detected |
The last seen timestamp for the finding (risk) |
timestamp |
|
CI Policy Name |
Comma-separated list of StorageGuard security policies associated with this check |
N/A |
|
CI IP Address |
The IP address of the CI |
N/A |
192.168.65.3 |
Risk Labels |
A comma-separated list of IT labels describing the affected system type |
N/A |
NetApp |
Comments
0 comments
Please sign in to leave a comment.