Summary: This page provides instructions for managing Actions (in the Action Plan) in the Security Dashboard.
The Security Dashboard features the ability to add and remove objects (violations) to and from an "Action Plan" - an Action Plan is simply a list of objects (i.e. "violations") that have been selected for action in the next snapshot generation process with a priority level assigned to them. Users can then use the list to focus their re-mediation work. Think of it as a "to do list" - i.e. objects that require work to remove the violation flagged by CAST AIP.
Note that Actions are available when viewing data from a previous snapshot, however, the ability to edit Actions is only available from the most recent snapshot.
Permissions required to interact with the Action Plan
To edit Actions - i.e. add/remove objects/violations to/from the Action Plan.
Your user login must have the QUALITY_MANAGER role.
- Roles can be assigned at user level (when using Default Authentication mode) or via user or group (when using Standard LDAP/SAML authentication). Please see Configuring user authentication for more information.
- You can view the Action Plan in read-only mode if your user login has not been assigned the required role.
Accessing the feature
To access the feature, there are two methods:
|From the "home" or landing page, click the default Action Plan tile.|
|From the Side Menu bar, click the following icon:|
The focus will be set to the Actions tab when using this icon:
The image below shows a list of violations that have been added to the Action Plan:
Click to enlarge:
|Added: Total number of objects (violations) in the Action Plan that have been added to the list since the last snapshot was generated - their status will be checked during the next snapshot generation.|
|Pending: Total number of objects (violations) in the Action Plan that are STILL violating a rule since the last snapshot was generated - i.e. the problem has not been fixed|
|Solved: Total number of objects (violations) in the Action Plan that have been corrected and are no longer violating the rule since the last snapshot was generated - i.e. the object has been remediated.|
This check box allows you to manage the object (violation). A Manage button will appear when an object is ticked:
This button allows you to:
|Select all option will select only the available rows in the current page.|
Displays the priority given to the object (violation) when it was added to the action plan, ranging from:
Data can be filtered on this status, with the addition of All Tags - i.e. all priorities:
The Priority set on each violation when it was added to the Action Plan can be modified using the check box and Manage > Update Actions button.
Note that it is possible to modify the name of this column. See CAST Dashboard Package - Engineering Dashboard json configuration options using the tagType parameter.
Displays the status of the object (violation) in the Action Plan (see the sections in the rows above which explain these statuses in full):
Data can be filtered on this status, with the addition of All Statuses:
See the sections in the rows above which explain these statuses in full.
Displays the free text comment assigned to the object (violation) when it was added to the Action Plan. This comment can be modified using the check box and Manage > Update Actions button. Data can be filtered on the comment, with the addition of All Comments and Empty Comments:
The name of the Quality Rule for which the object (violation) has been added to the Action Plan (objects (violations) can appear multiple times in the Action Plan). Data can be filtered on the rule name, with the addition of All Rules:
|Object Name Location||The name of, and information about the object (violation) that has been added to the Action Plan for remediation.|
The date the object (violation) was last updated - i.e. any of the following:
|This icon, when clicked, will take you direct to the Source Code page for the object (violation) in question.|
|Use this option to export the contents of the Action Plan to an Excel file. See Exporting data to Microsoft Excel file format for more information.|
Adding violations (objects) to the Action Plan
Drill down to Violations level in any of the the Quality, Application or Transaction Investigation views. A checkbox will be visible in each object description row (highlighted in the image below in red) - if you do not see this checkbox, then your login does not have the correct role:
Place a check mark in the checkbox alongside the object that you want to add to the Action Plan - the Add button will then become visible as shown below:
Now click the Add button and select the Add the violations to the Action Plan option:
Now enter a comment (not mandatory) to annotate the violations (this comment will appear in the Action Plan) and choose a priority (Extreme, High, Moderate, Low) - mandatory - from the drop down list. Click Add to add the violations to the Action Plan:
The violations will then be added to the Action Plan, In this example, we have selected the Extreme priority entered a comment:
You can add multiple objects to the Action Plan in one go in two ways:
Select the violations you require - the SHIFT key will function if you need to select a range of violations
Use the heading row check box to select all the violations to the selected Quality Rule:
If there are many violations in the Action Plan, a Showing button will be displayed (this is to improve the performance of the display). You can choose to display more using the various options (20, 100, all violations). By default an upper maximum of 5000 violations is set when the "All" option is clicked. You can change the upper maximum if required (see the violationsCount option in CAST Dashboard Package - Engineering Dashboard json configuration options).
- You can add violations from the Schedule Exclusion List using the Add the related violations to the Action Plan option:
Removing violations (objects) from the Action Plan
If you would like to remove a violation that has already been added to the Action Plan, you can do so as follows. Access the Action Plan from the side menu bar, or from the Action Plan tile on the "home" page. Select the violation or use the multi checkbox to select all objects you want to remove:
Then click the Manage button and select the Remove From Action list option as shown above. All selected violations will now be reset and will no longer be part of the Action Plan.
Updating comments/priority for violations (objects) that are already present in the Action Plan
If you have added specific violations to the Action Plan with a specific priority and comment, you can alter the priority and comments directly, without having to remove the violation from the Action Plan and then re-add it. You can do this from the Action Plan itself:
Locate the violation in the Action Plan. Select the violation or use the multi checkbox to select all violations you want to update, then click the Manage button and select the Update Actions option:
A dialog box will be displayed enabling you to choose a new Priority you want to assign to the violation and edit the comment where necessary:
All selected violations will now be updated.