Introduction

The CAST Engineering Dashboard has two search options available for use:

Basic search, providing search on items in the Assessment Model (i.e. rules) and on object names. Results are dependent on the location the search is made.
Advanced search, providing search for objects based on a list of violations. Results are not location dependent.

Each is explained below.

Basic search

Basic search is accessed from the top menu bar:

CAST Security > Security Dashboard - Search Options > basic_search.jpg

Clicking this icon activates a search field enabling you to search for names of items (i.e. rules) in the Assessment Model and objects. Results are dependent on the location the search is made.

search results will include items dependent on the location in which you made the search.
search is not contextual and is instead global to the entire current snapshot
search functions in "contain" mode, i.e. search results must contain text matching the search query term
the number of results is displayed
the list of results for object searches contains the following information: object name page, object type and object fullname
results are paginated, scroll with the scroll bar to view more results
clicking an item in the search results will drilldown to the exact location of the item in the dashboard
rules flagged as critical are excluded from the search results when the Only critical violations filter is active. When searching for a non-critical rule and the Only critical violations filter is active, a message will be displayed stating No results were found to match your search.

Technical notes about the Search feature:

The Search feature uses the open source Lucene search software
It relies on the existence of an index which is generated automatically when the application server is started.

You can find out more in Managing the Engineering Dashboard search indexes.

A search made in Home page, Risk Investigation view, Transaction investigation view and Action/Exclusion/Education/Continuous Improvement lists will give results for the following items:

Business Criteria
Technical Criteria
Rules
Measures
Distributions

CAST Security > Security Dashboard - Search Options > search_results1.jpg

A search made in Application investigation view will give results for the following items:

Objects

CAST Security > Security Dashboard - Search Options > search_results.jpg

Advanced Search

Accessing the Advanced Search feature

The Advanced Search feature can be accessed using the icon in the left hand menu:

CAST Security > Security Dashboard - Search Options > SD.jpg

Enabling the Advanced Search feature

"Out of the box", the Advanced Search feature is not enabled and the following message will be displayed:

CAST Security > Security Dashboard - Search Options > message.jpg

This indicates that a "violations index" (on which the feature relies) has not yet been generated. To generate the index the following methods are available:

Using the "Diagnostic" GUI

This method requires that the user has the ADMIN role.

Use the following URL to access the Diagnostic page:

http://<server>:<port>/<dashboard>/static/diagnostic.html

This provides an indication of the violations index status based on the "domain":

N/A - the domain is mapped to a Measurement Service schema or the Dashboard Service schema was installed with CAST AIP < 8.3.3)
toCreate - no index has ever been created for this domain
toUpdate - an index exists for this domain, but it is outdated because a new snapshot has been computed since the index creation
upToDate - an index exists and is up-to-date. When this status is shown, the index for the Advanced Search feature is ready and available.

In the following example the index has never been generated since the status is set to "toCreate":

Click to enlarge

CAST Security > Security Dashboard - Search Options > index_status1.jpg

To generate the index, click the Create/Update Index button. During generation the status "Indexing" will be displayed and on completion, the status will change to "upToDate":

Click to enlarge

CAST Security > Security Dashboard - Search Options > index_status2.jpg

Using the RestAPI

This method requires that the user has the ADMIN role.

Use the RestAPI client:

http://<server>:<port>/<dashboard>/static/default.html

Using the following URI with a PUT will generate the index (where <domain> is more than likely set to AED, unless you have custom domains):

<domain>/violations-index

Then use the same URI with a GET will show the index status:

CAST Security > Security Dashboard - Search Options > index_status3.jpg

Generating the index when the web application starts

This method will force the violations index to be generated if its status is toUpdate (i.e. the index exists but is out-of-date because a new snapshot has been computed since the index creation) every time the web application is started, i.e.:

When the web application host (e.g. Apache Tomcat) starts up or restarts
When the web application is restarted through the Apache Tomcat management console

CAST only recommends using this option if your Dashboard Service schema is small - since the index is generated during web application startup, this can impact performance.

Edit the following file with a text editor:

%CATALINA_HOME%\webapps\<dashboard>\WEB-INF\web.xml

Set the following configuration to true:

<context-param>
	<param-name>rebuildViolationsSearchIndexesOnStart</param-name>
	<param-value>true</param-value>
</context-param>

Save the file. Next time the web application is started the index will be generated.

Using a custom batch file

This method requires that the user has the ADMIN role.

This method is to be used when you have a configuration in the domains.properties file - i.e. multiple "domains". The custom batch will generate the violations index for all the domains configured in the domains.properties file.

Create the following batch files in the %CATALINA_HOME%\webapps\<dashboard>\WEB-INF folder an then run the launch.bat file to start the index generation:

@echo off
@echo Computing Violations Indexes ...

util.bat > util.log
@echo --------------------------------

@echo off
setlocal enableDelayedExpansion
@echo Automated Violations Indexes Creation
@echo -------------------------------------
 
for /F "delims== eol=#" %%D in (domains.properties) do (
	@echo Process %%D/violations-index
	start /B titi.bat %%D
	@echo.
)

In the following file (titi.bat), you need to modify the line starting curl to match your environment:

Replace user:pwd with a user that has the ADMIN role and their password.
Replace http://localhost:8080/<dashboard>/rest/%domain%/violations-index with the URL to your dashboard.

@echo off
prompt $_
setlocal enableDelayedExpansion
set "domain=%~1"
 
@echo Start  %domain% !DATE!_!TIME!
curl -s -u user:pwd -X PUT http://localhost:8080/<dashboard>/rest/%domain%/violations-index
@echo  is the response from %domain%
@echo Finish %domain% !DATE!_!TIME!

Note that following the generation of a new snapshot, the violations index status will change to toUpdate, therefore CAST recommends regenerating the index to take into account the data available in the new snapshot.

Using the Advanced Search feature

When the feature is accessed and the violations index has been generated, the following will be displayed:

CAST Security > Security Dashboard - Search Options > advanced_search_gui.jpg

Left hand panel

The left hand panel provides a set of filters that can be used to narrow down the search cope. Filters are explained in XXXX.

Right hand panel

The right hand panel list the results of the search. Key points:

with no search criteria or filters enabled will show all violations available in the currently selected snapshot indicated by the following text:

CAST Security > Security Dashboard - Search Options > violations.jpg

a search field is available for you to enter the object name you are searching for. Results in will be updated in real time.

CAST Security > Security Dashboard - Search Options > search_box.jpg

you can download the results to an Excel file for portability requirements:

CAST Security > Security Dashboard - Search Options > download.jpg

20 results are shown. Use the Show More button to display additional results:

the result lists uses the following columns:

CAST Security > Security Dashboard - Search Options > AP_checkbox.jpg

Option to add/remove the violation from the Action Plan or the Scheduled Exclusion List. Note that to interact with the Action Plan/Scheduled List, your user login must have the role QUALITY_MANAGER/EXCLUSION_MANAGER roles. These can be assigned at user level (when using Default Authentication mode) or via user or group (when using Standard LDAP authentication).

Action / Exclusions

Indicates whether the violation has been added to the Action Plan or the Scheduled Exclusion List:

	Item has been added to the Action Plan.
	Item has been added to the Scheduled Exclusion List.

Object Name Location

Displays the object name, and in the case of file based objects (as oppose to Database objects), the location on disk of the object.

Status

Displays the status of the object in comparison to the previous snapshot - e.g.:

Added
Updated
Deleted
Unchanged

Clicking this icon will take you direct to the object in the Application Investigation view.

Using filters for the Advanced Search

The filters available in the left hand panel enable the search scope to be limited. The following filters can be enabled by expanding the section and selecting with a tick:

Criteria or Rules	Restrict the scope via a Health Measure, Technical Criterion or Rule (or a combination). Displayed results are union of selected Criteria results, with duplicate violations omitted. Sorting is disabled on this section.
Weight	Restrict the scope via the weight of the rule in its parent Technical Criterion.
Criticality	Restrict the scope via the criticality of the rule (Critical or Non Critical).
Violation Status	Restrict the scope to the violation status in the current snapshot: Added, Updated, Unchanged. Displayed results are an OR of selected violation status results and AND of other filters selected values (eg : Criteria or rules, Technologies ,Transactions , Critical ,Module) with duplicate violations omitted. Violation status remains selected even after navigating to other views and coming back to Advanced search.
Transactions	Restrict the scope to objects that are classed as transactions.
Technologies	Restrict the scope to the technologies that are present in the current snapshot. Displayed results are an OR of selected technologies results and AND of other filters selected values (eg : Criteria or rules, Modules ,Transactions , Critical ,Violation status) with duplicate violations omitted.
Modules	Restrict the scope to a module in the current snapshot. Displayed results are an OR of selected module results and AND of other filters selected values (eg : Criteria or rules, Technologies ,Transactions , Critical ,Violation status) with duplicate violations omitted. Module remains selected even after navigating to other views and coming back to Advanced search.

Note that an indicator will show how many filters have been selected:

CAST Security > Security Dashboard - Search Options > indicator.jpg