Understanding policy reports
This section can be accessed from the Policy Box by selecting “Go to full report” or by choosing a policy within a Governance Center widget. It offers detailed information about the status and history of the chosen policy. Depending on your Playbook role, you may also have the option to edit the policy and enable the remediation.
Description panel
This panel provides a summary of the policy. It indicates whether a policy is an out-of-the-box (created by CoreView) or a custom one. For custom policies, the admin's username who created it is displayed. The policy definition offers insights into the monitored aspect. The threshold and severity levels reveal the policy's criticality and the percentage or number of violations required for the policy to be considered non-compliant and in need of remediation.
Clicking on “Learn more” reveals additional details about associated Playbooks and categories, the policy's impact on your tenant, its title, and the policy ID.
Based on your Playbook role, you might be able to preview and enable the policy remediation. Operators with the necessary roles and permissions can click on “Edit policy” and adjust these settings.
Policy report tabs
Matched items
This tab shows all unresolved policy violations. You can choose the information to display for each item using the “Columns” dropdown. If your role and permissions allow, you can select and remediate policies individually or in bulk by choosing “Run remediation for all items”. To exclude a matched item from the list, select the item and click “Set exception”.
Choosing “Manage exception” opens a wizard with all set exceptions, allowing you to set or remove an expiration date for them and add a note.
Exceptions
This tab lists all matched items marked as exceptions. You can remove all exceptions, revisit the “Manage exception” wizard, or select specific actions to manage through the Action “…” function.
Executed actions
This tab presents all remediation actions taken by the policy, including details about the operator (or scheduled playbook) that executed the remediation, its status (succeeded, failed, etc.), duration, and timestamps. More information (Workflow ID and name) can be viewed by selecting it from the “Columns” dropdown.
Statistics
This chart provides a comparison between the number of detected matched items and the remediation progress, indicating the number of resolved anomalies over time.
Data points can provide monthly, weekly, and daily information. You can switch views from the dropdown menu in the top-right corner. “Monthly” is the default setting shown after each logout.
For daily views, we take a snapshot of the matched items at a certain time each day. For weekly views, we do this on the last day of the week at a set time. The same goes for monthly views, where the snapshot is taken on the last day of the month.
If the tenant is in Production, the graph is displayed. Otherwise, if the tenant is in Trial or Proof-of-Value, the graph is not shown but only the description, impact, and remediation actions of the policy will be visible.