Viewing policy reports

Policies control the access and rights provided to users over files and records. These access-related tasks are logged and presented to the user when required. It enables users to monitor the files and the data accessed. This report is generated by the triggering agent every time a policy or data store is added, modified, or deleted. It can be analyzed and used for an audit for ascertaining the integrity of policies.

If a report is present where policies were not modified, then a breach might have occurred. These instances can be further analyzed to find and patch security issues. A new policy report is generated when this reporting agent is first installed on the ESA. This ensures that the initial state of all the policies on all the data stores in the ESA. A user can then use the Protegrity Analytics to list all the reports that were saved over time and select the required reports.

Ensure that the required policies that must be displayed in the report are deployed. Perform the following steps to view the policies deployed.

  1. Log in to the ESA Web UI.
  2. Navigate to Policy Management > Policies & Trusted Application > Policies.
  3. Verify that the policies to track are deployed and have the Deploy Status as OK.

If the reporting tool is installed when a policy is being deployed, then the policy status in the report might show up as Unknown or as a warning. In this case, manually deploy the policy again so that it is displayed in the Policy Report.

Perform the following steps to view the policy report.

  1. In the ESA, navigate to Audit Store > Analytics > Policy Report.

    The Policy screen appears.

  2. Select a time period for the reports using the From and To date picker. This is an optional step. The time period narrows the search results for the number of reports displayed for the selected data store.

  3. Select a data store from the Deployed Datastore list.

  4. Click Search.

    The reports are filtered and listed based on the selection.

  5. Click the link for the report to view.

    For every policy deployed, the following information is displayed:

    • Policy details: This section displays the name, type, status, and last modified time for the policy.
    • List of Data Elements: This table displays the name, description, type, method, and last modified date and time for a data element in the policy.
    • List of Data Stores: This table lists the name, description, and last modified date and time for the data store.
    • List of Roles: This table lists the name, description, mode, and last modified date and time for a role.
    • List of Permissions: This table lists the various roles and the permissions applicable with the role.
  6. Print the report for comparing and analyzing the different reports that are generated when policies are deployed or undeployed. Alternatively, click the Back button to go back to the search results. Print the report using the landscape mode.