Auditor Help: Report Use & Format

A browser opens automatically displaying the HTML report with a directory tree in the left frame and content in the right frame. The directory tree is both an overview and a navigational device, allowing you to locate and open specific sections of the report.

sample HTML report

In the tree, a plus icon (+ plus sign) indicates that more information is available below the displayed level. Click on a plus icon to expand the tree and display the next level of information. A minus icon (- minus sign / hyphen) appears when no more information is available; click the minus icon to collapse the tree.

Clicking on one of the headings (aka "nodes") in the left displays the HTML content pages in the right frame and adds a highlight to that node and heading in the tree as a visual reminder of where the information fits in context of your report.

Each HTML page of the report offers a link to Click here for the short/long version so you can toggle back and forth between the detailed long form or the "just the facts" short form for as much detail on each subject as you desire.

  • Short form - lists data gathered and compiled into a compact, easily readable document.
  • Long form - includes all the data in the short form plus definitions, helpful hints, and warnings about a suspicious or sub-optimal setting, as well as references to external resources. This additional information is particularly useful in troubleshooting, training, and security assessments.

Full Documentation Reports

Documentation reports use a split-screen with three panes. Navigate the directory tree in the left to see the changes in each section. The top section of the right frame is the status "before" a change occurred and the bottom section is the status "after" a change. Rather than simply flagging the server that changed and forcing IT staff into a research project, the change report shows exactly what the settings were and are. In addition to the obvious security benefits of knowing any change in your environment, the change reports create a complete audit trail.

Full documentation reports are generated from the repo.dat.bz2 file(s). These reports do not use or require the database. The only customization possible is selecting various attributes to be contained in the report. Full-documentation reports contain a comprehensive set of the attributes collected.

Resources  See also Creating Documentation Reports.

Change Reports

Change reports use a split-screen with three panes. Navigate the directory tree in the left to see the changes in each section. The top section of the right frame is the status "before" a change occurred and the bottom section is the status "after" a change. Rather than simply flagging the server that changed and forcing IT staff into a research project, the change report shows exactly what the settings were and are. In addition to the obvious security benefits of knowing any change in your environment, the change reports create a complete audit trail.

Change Report

Change reports are generated from the repo.dat.bz2 file(s). These reports do not use or require the database. The only customization possible is selecting various attributes to be contained in the report. Change reports compare a "Reference" snapshot for a specific machine to a target snapshot to find differences. It is necessary to have collected data at least once previously to select the device for a change comparison.

Resources  See also Creating Change Reports.

Baseline Reports

Baseline reports use a split-screen with three panes. Navigate the directory tree to compare each server to your standard. The top section of the right frame contains the reference server (your "gold standard") and the bottom section contains the selected target server's differences when compared against the standard.

Baseline Report

Baseline reports are generated from the repo.dat.bz2 file(s). These reports do not use or require the database. The only customization possible is selecting various attributes to be contained in the report. Change reports compare a "Reference" snapshot for a specific machine to a target snapshot to find differences. It is necessary to have collected data at least once previously to select the device for a change comparison.

Resources  See also Creating Baseline Reports.

Fact-Finding Reports

Fact-Finding reports include a series of tables that result from the queries provided with the software or that you create.

Warning

Resources  See also Creating FFR Reports.

Consolidated Change Log

Consolidated Change Log reports include a series of tables that result from your selections against the available data sets.

Resources  See also Creating CCL Reports.

Legend of Symbols and Icons

The following symbols and icons are used throughout the reports.

Helpful HintTip helpful, but not strictly necessary, information.
Note!Note reminders, advice, additional information.
WarningAlert important information; there are (or can be) negative ramifications without this knowledge or as a result of specific related choices.
ReferenceReference additional related information is available in an external source (beyond the current file).
DefaultDefault a gray diamond indicates a default value; a value that matches the system default (this can indicate that there was no data and the software has filled in the default value).
ErrorError a red diamond indicates an error collecting the data or setting - most commonly because access was denied due to inadequate privileges. In the HTML version, the specific reason or error message is displayed when you move the cursor over ("mouse over") the symbol. In the DOC version, the specific reason or error message is displayed in a footnote.

Note! Note: An "<unknown>" or "<none identified>" may appear in your report if the data field is blank, if you have inadequate rights to access the data, if the field has security blocking, or, the target system has an unconventional setup. Check the text on mouse-over or in the footnote for a brief explanation.

*.VSD (Visio) Diagrams

Note! Note: Viewing the Visio diagrams requires that you have Visio installed. Please see the System Requirements.

To provide an overview of your infrastructure, Ecora generates Visio diagrams automatically. In the HTML directory tree, scroll down to the Visio Diagrams node.

Click to expand the Visio Diagram node and select which diagram to view. Once you have displayed the page with an overview of the diagram's content, click on the diagram link to automatically open Visio and display the diagram.

Each diagram is displayed with a legend key to explain the symbols used, including line styles and icons.

You can edit the diagrams and save modifications as separate files. The HTML report will prompt you to use your file or generate a fresh (unmodified) diagram. For more information about how to use Visio to modify the diagrams, consult your Visio documentation or help system.

*.DOC Reports

The DOC format report provides a continuous single file better suited to printing and editing. DOC reports are associated with Microsoft Word, StarOffice, or whatever application is associated with a .doc extension on the installed system.

To access the DOC reports, return to the main user interface and use the left panel to navigated to the correct directory, then locate the Long.doc or Short.doc, and double-click on the chosen file.

*.CSV Reports

Comma-Separated-Value (CSV) reports include the collected settings only, without any explanations. Best for importing into database software so complex custom queries can be created.

Windows automatically associates Microsoft Excel if it is installed, but any database or spreadsheet application that can handle a comma-delimited file can be associated with the .csv file type or used to open it as necessary without being associated.

The files are named for the data they contain and saved, by default, to the /data directory within the default storage directory (specified in the Settings dialog box). The associated csv.sch file is the "schema" file that defines the data organization and relationships necessary to import the data into a meaningful relational database.

Note! Note: CSV output is PROPRIETARY Ecora data licensed for your internal use ONLY, not for export into any applications beyond internal analysis tools.

Resource For in-depth, technical specifications of CSV output, see Ecora CSV architecture.