Summary: This page provides instructions for configuring and using the Report Generation feature.
The Report Generation feature allows you to generate reports on the fly direct from the CAST Engineering Dashboard interface. Various reports can be generated, however, some require some configuration before they will work.
Accessing the Report Generation feature
|From the Side Menu bar, click the following icon:|
Available report categories
Three types of report categories are available:
|Category||Enabled by default?||CAST Report Generator for Dashboards required?||Additional configuration required?||Output format||Available reports|
|Standard Compliance Reports||Same format as the associated CAST Report Generator templates.|
Available reports include:
The default list of reports can be customized.
Latest report generator has to be used to generate ISO reports.
Inline in the browser
Can be downloaded in Excel format.
Available reports include:
|Same format as the associated CAST Report Generator templates.||This category enables you to define your own custom reports via CAST Report Generator templates.|
Standard Compliance Reports
This category provides reports on various industry recognized standards such as:
- STIG (Security Technical Implementation Guide)
- PCI (Payment Card Industry)
- NIST (National Institute of Standards and Technology)
CISQ reports are removed (in versions ≥ 2.4.0) from the default report list.
See CAST Report Generator - CAST Report Generator for Dashboards for more detailed instructions about the configuration process.
Choose a report type from the Standard Compliance Reports category and click the Generate Report button:
The report will be generated and auto downloaded to the default "downloads" folder used by your browser. Reports are generated using the same format as the associated CAST Report Generator templates. The report file name should contain the:
- application name
- snapshot version
- report type
For example: MEUDON-Snapshot-2021-10-04T11-50-22-ISO-5055 Compliance Report.docx (MEUDON is an Application name). A notification message is displayed when the report is generated:
If the report fails to generate, a notification is also displayed with the error message. Please refer this page about error messages handling: Report Service.
This example shows that CAST Report Generator for Dashboards has not been configured:
This category provides reports that can easily show where the biggest changes in violations between snapshots have occurred:
These reports are provided inline in the browser and do not require CAST Report Generator for Dashboards nor any additional configuration.
The formula used to define the value for Improvement Gap in the report Top rules with the highest improvement opportunities is as follows:
Improvement Gap = (Quality_rule_weight * technical_criteria_weight) * (4 - Grade)
The following options are available for Miscellaneous Reports:
|Filter on Health Measure|
For some reports it is possible to filter results on a specific Health Measure. By default, the TQI measure will be active, but it is possible to choose a different measure if necessary:
Note that not all reports can be filtered in this way.
Report results can be downloaded in Excel format:
Indicates whether the related rule is critical or not:
|Click to drill down to violation's source code (not available in all reports).|
|Click to drill down to the selected object and view it in the Application Investigation view.|
This category enables you to define your own custom reports via CAST Report Generator templates. The category is disabled by default (i.e. it does not contain any report templates). The templates you want to use to generate a report must be present on the server hosting Apache Tomcat in the "Templates" sub folder of your CAST Report Generator for Dashboards deployment location.
Choose a custom report type from the Custom Reports category and click the Generate Report button: