SEE ALL SAMPLE REPORTS  DOWNLOAD REPORT CATALOG

Change Process Compliance Report

This report identifies authorized and unauthorized changes to specified nodes over a period of time. Authorized changes are recognized by the presence of a third-party reference identifier.

Usage: This management report shows trend in effectiveness of change process controls. A Dashboard of the report shows trends by location or IT service.

Change Window

This report indicates the number of detected changes for a specified monitored system(s) that have occurred inside and outside a defined change window.

Usage: Management report showing consistency and enforcement of change management policy to assure system integrity.

Detailed Waivers

For each specified node and test, this report provides a complete listing of all applicable waivers and related details such as waiver start and end dates, reason for the waiver, and who is responsible for remediation.

Usage: Security and IT operations can use this report to manage waivers and remediation more effectively and with less effort.

Scoring

This report shows the overall compliance pass/fail status of a given environment as well as explicit scoring results for each individual node.

Usage: This report enables management to quickly and easily ascertain the true state of compliance across their IT infrastructure.

Detailed Test Inventory

For each specified test, this report provides a test definition that includes details such as test description, type, severity and weighting.

Usage: This report makes it easy for management to generate and share formal test documentation, as well as view this information offline.

Test Results by Node

For each specified node, this report shows both a summary and a detailed breakdown of the latest test results. The report can also be configured to only display failed tests and associated remediation steps.

Usage: This report functions as a prescriptive "punch list" that system administrators can use to expedite necessary remediation tasks.

Compliance History

This report calculates the number of passing and failing policy test results created for all specified nodes for each specified time interval. It is typically used as a management report showing the historic trend of compliance with a policy.

Detailed Test Results

This report lists all policy results for each specified node that meet the specified report criteria. For each result, the output indicates which element was tested, and the outcome (passed/failed). This report is a means of identifying specific settings that are out of compliance with a policy and that may require modification.

Policy Scorecard

For each specified policy test or policy test group, this report indicates the number and percentage of nodes that are in full compliance with the test (or group), and the number of nodes that are not in full compliance. This is used as a high-level management report providing a comprehensive view of compliance throughout your organization.

Report Linking

Report Link Criteria provides the ability to link certain reports allowing for the ability to "drill-down" or link from a report being viewed to a subsequent report with an increased level of detail. For example, one may want to link from a Change Process Compliance report, to a Changed Elements report for a list of unapproved changes, then to a Detailed Changes report on a particular element.

Baseline Elements Report

Lists details about baseline elements for specified nodes.

Usage: This report satisfies the audit requirement of showing that changes are authorized by reporting all changes promoted to the current baseline, including who made the change, approval IDs, and comments that indicate why the change was approved.

Reference Node Variance Report

This report identifies all elements that differ between one "reference" node and one or more other "compare" nodes.

Usage: This report detects configuration drift. Any changes that are inconsistent across the nodes are flagged and reported.

Changed Elements

Summary information for each changed element can include the time, type (addition, deletion, and modification), attributes, user, and packages affected by the change. Changes can be grouped by approval identifier so all unauthorized, as well as authorized, changes are immediately visible.

Usage: Identifies the who, what, when and where of changes for compliance reporting. Typically executed on an ad hoc basis as known changes are made, or daily/weekly as a record of changes for that interval.

User Roles

For a specified node or node group, this report identifies the effective user role for a selected user account. The effective user role is the actual level of control that the user has over the specified node or node group.

Usage: Management report showing who has access to what in the Tripwire Enterprise Console. Typically run monthly, potentially more often depending on process maturity.

Changes By Severity

This report lists nodes having changes in each of the user-defined severity ranges.

Usage: A high-level report showing unresolved changes by severity. This report is typically run to identify configurations that have deviated from their known and trusted baseline.

Nodes with Changes

Lists the nodes that currently have changes corresponding to specified severity levels.

Usage: Quickly identifies nodes with specified changes, showing authorized vs. unauthorized.

Report Linking

Report Link Criteria provides the ability to link certain reports allowing for the ability to "drill-down" or link from a report being viewed to a subsequent report with an increased level of detail. For example, one may want to link from a Change Process Compliance report, to a Changed Elements report for a list of unapproved changes, then to a Detailed Changes report on a particular element.

Detailed Waivers

For each specified node and test, this report provides a complete listing of all applicable waivers and related details such as waiver start and end dates, reason for the waiver, and who is responsible for remediation.

Usage: Security and IT operations can use this report to manage waivers and remediation more effectively and with less effort.

Test Results by Node

For each specified node, this report shows both a summary and a detailed breakdown of the latest test results. The report can also be configured to only display failed tests and associated remediation steps.

Usage: This report functions as a prescriptive "punch list" that system administrators can use to expedite necessary remediation tasks.

Detailed Test Results

This report lists all policy results for each specified node that meet the specified report criteria. For each result, the output indicates which element was tested, and the outcome (passed/failed). This report is a means of identifying specific settings that are out of compliance with a policy and that may require modification.

Reference Node Variance Report

This report identifies all elements that differ between one "reference" node and one or more other "compare" nodes.

Usage: This report detects configuration drift. Any changes that are inconsistent across the nodes are flagged and reported.

Detailed Changes

This report compiles comprehensive change information for elements on specified nodes.

Usage: Typically run ad hoc to help operations identify what changed if/when there is a service affecting problem, improves troubleshooting by identifying and isolating system changes in order to reduce MTTR.

Changed Elements

Summary information for each changed element can include the time, type (addition, deletion, and modification), attributes, user, and packages affected by the change. Changes can be grouped by approval identifier so all unauthorized, as well as authorized, changes are immediately visible.

Usage: Identifies the who, what, when and where of changes for compliance reporting. Typically executed on an ad hoc basis as known changes are made, or daily/weekly as a record of changes for that interval.

User Roles

For a specified node or node group, this report identifies the effective user role for a selected user account. The effective user role is the actual level of control that the user has over the specified node or node group.

Usage: Management report showing who has access to what in the Tripwire Enterprise Console. Typically run monthly, potentially more often depending on process maturity.

Change Process Compliance Report

This report identifies authorized and unauthorized changes to specified nodes over a period of time. Authorized changes are recognized by the presence of a third-party reference identifier.

Usage: This management report shows trend in effectiveness of change process controls. A Dashboard of the report shows trends by location or IT service.

Changes By Severity

This report lists nodes having changes in each of the user-defined severity ranges.

Usage: A high-level report showing unresolved changes by severity. This report is typically run to identify configurations that have deviated from their known and trusted baseline.

Nodes with Changes

Lists the nodes that currently have changes corresponding to specified severity levels.

Usage: Quickly identifies nodes with specified changes, showing authorized vs. unauthorized.

Detailed Waivers

For each specified node and test, this report provides a complete listing of all applicable waivers and related details such as waiver start and end dates, reason for the waiver, and who is responsible for remediation.

Usage: Security and IT operations can use this report to manage waivers and remediation more effectively and with less effort.

Detailed Test Inventory

For each specified test, this report provides a test definition that includes details such as test description, type, severity and weighting.

Usage: This report makes it easy for management to generate and share formal test documentation, as well as view this information offline.

Test Results by Node

For each specified node, this report shows both a summary and a detailed breakdown of the latest test results. The report can also be configured to only display failed tests and associated remediation steps.

Usage: This report functions as a prescriptive "punch list" that system administrators can use to expedite necessary remediation tasks.

Report Linking

Report Link Criteria provides the ability to link certain reports allowing for the ability to "drill-down" or link from a report being viewed to a subsequent report with an increased level of detail. For example, one may want to link from a Change Process Compliance report, to a Changed Elements report for a list of unapproved changes, then to a Detailed Changes report on a particular element.

Frequently Changed Elements

List details about the most frequently changed elements for the specified set of nodes.

Usage: Management report very useful for identifying those elements that change on a regular basis as part of normal business processes. The resulting data can be used to manage and tune Tripwire Enterprise rules and actions for more efficient integrity checks. Typically run once a week until rules are tuned for specific environments, then once a month.

Last Node Checked Status

This report displays last check status information for the specified nodes over a period of time defined by the user. It optionally includes information regarding failed, checked, and unchecked nodes.

Usage: Management report used to ensure that nodes are being checked as scheduled without any failures occurring. Typically run monthly or more frequently if needed.

Missing Elements

This report displays element names specified by the user that are not present for the specified nodes. Alternatively, it can display rules that have no elements for the specified nodes.

Usage: Management report allows users to pick either rules or element names and determine whether or not they are missing on a target set of nodes. This report helps Tripwire Enterprise administrators configure Tripwire Enterprise to monitor for and detect configuration drift that could affect availability.

Unchanged Elements

This report lists elements or rules that have no changes over the specified period of time for the set of nodes specified by the user.

Usage: Management report used to check for elements that were expected to change over a period of time but did not do so. Used to ensure C/CM policies are being followed.

Change Variance

This report shows the total number of rules and elements associated with detected changes on specified nodes. As appropriate, you can limit report output to specific nodes, rules, and/or element names

Usage: This report is typically executed immediately after deployment of a patch or other software package. To determine which new element versions should be promoted, you may review the report for inconsistencies across the updated systems, which can then be investigated for potential impacts on availability.

Change Window

This report indicates the number of detected changes for a specified monitored system(s) that have occurred inside and outside a defined change window.

Usage: Management report showing consistency and enforcement of change management policy to assure system integrity.

Changed Elements

Summary information for each changed element can include the time, type (addition, deletion, and modification), attributes, user, and packages affected by the change. Changes can be grouped by approval identifier so all unauthorized, as well as authorized, changes are immediately visible.

Usage: Identifies the who, what, when and where of changes for compliance reporting. Typically executed on an ad hoc basis as known changes are made, or daily/weekly as a record of changes for that interval.

Detailed Changes

This report compiles comprehensive change information for elements on specified nodes.

Usage: Typically run ad hoc to help operations identify what changed if/when there is a service affecting problem, improves troubleshooting by identifying and isolating system changes in order to reduce MTTR.

Device Inventory

This report identifies the make, model, and version of specified nodes.

Usage: Management report showing devices being monitored helping to insure correct systems and nodes are being controlled. Typically run monthly, potentially more frequently depending on process maturity.

Elements

This report lists all elements identified by the specified criteria, e.g., all elements associated with a rule. Optionally, the report can also identify the package associated with each element.

Usage: By identifying the elements, operations can ensure that the proper systems, files, settings, configurations, etc. are being monitored ensuring any availability affecting changes are detected.

Frequently Changed Nodes

This report ranks the most frequently changed nodes that meet the specified criteria. The report includes the total number of changes for each node, as well as the totals for each type of change (additions, removals, or modifications).

Usage: Management report used to identify nodes that could potentially cause availability problems due to frequent changes.

Reference Node Variance Report

This report identifies all elements that differ between one "reference" node and one or more other "compare" nodes.

Usage: This report detects configuration drift. Any changes that are inconsistent across the nodes are flagged and reported.

Custom Criteria & Time Off-set Reporting

Enhances remediation and accountability by reporting on change activities based on a user specified criteria and time range.

Usage: Generate reports based on a user defined time range. For example, generate a detailed change report of all changes on Windows 2003 systems that have not been promoted to a new baseline that are over 2 days old.

PCI Test Results Report

This report shows the overall PCI compliance pass/fail status of a given environment as well as explicit compliance results at the individual node level by PCI requirement.

Usage: This report enables management to quickly and easily ascertain the true state of PCI compliance across their IT infrastructure.

PCI Compliance History Report

This report shows the highest, lowest and average PCI policy score over a specified number of intervals for a chosen set of nodes.

Usage: It is typically used as a management report showing the historic trend of PCI compliance for selected nodes.