View Configuration Compliance test results

  • Release version: Xanadu
  • Updated August 1, 2024
  • 3 minutes to read

    • View Configuration Compliance test results for auditing and remediation. The test results are automatically created during third-party vulnerability integration imports.

    Important:
    You can view the test results created during the third-party vulnerability integration imports in the Vulnerability Manager Workspace. For more information, see List page in the Vulnerability Manager Workspace.

    Before you begin

    Role required:
    • sn_vulc.read to view
    • sn_vulc.remediation_owner to view and update
    • sn_vulc.delete to delete

    About this task

    Configuration Compliance does not create or update the test results, but imports them as part of a third-party integration. Once they are viewable in Configuration Compliance, they are remediated using Test Result Groups.

    Note:
    Starting with v14.9 of Configuration Compliance, the following terms have been renamed:
    Table 1. Changes in terminology
    Terminology prior to v14.9 Terminology v14.9 onwards
    Test Result Group Remediation Task
    Group Rules Remediation Task Rules
    Policy Test group

    Procedure

    1. Navigate to All > Configuration Compliance > Test Results.
      Starting with v15.0 of Configuration Compliance, the following columns appear in the Test Results list.
      Table 2. Test Results list
      Column Description
      Active Indicates if a test result is active. A test result is marked:
      • True: If the State isn’t Closed.
      • False: If the State is Closed.
      Age Time period for which a test result is active since it was last open.

      This field is empty for the closed test results.

      Format: Days HH:MM: SS
      Age closed Time period for which a test result was active before it transitioned to ‘Closed'. When the test result transitions to ‘Closed', the value from the Age column is displayed in the Aged closed field.

      This field is empty for an active test result.

      Format: Days HH:MM: SS

      For more information on how to customize the Age closed calculation, see the KB1703270 article.
      Closed Timestamp at which a test result is closed.

      Format: YYYY-MM-DD HH:MM: SS
      Last opened Timestamp at which a test result is opened, that is, when the Active field value changes to true.
    2. Open the control that you want to view.
      Table 3. Configuration Compliance test result form fields
      Field Description
      Number The number assigned to the test during the import process.
      Source The system name of the third-party SCA application, or the name entered in the application plugin for the API that is used to communicate with Configuration Compliance.
      Source ID The identifier assigned to the control by the SCA application.
      Result Passed, Failed, Error, or Unknown. Imported from Qualys.
      Risk score Calculator result for this test.

      Prior to v15.0 of Configuration Compliance, the risk score of a passed test result is set to '0'. Starting with v15.0 of Configuration Compliance, the risk score of the passed test result isn’t changed to '0' so that you can estimate the risk mitigated. The risk score of the passed test result isn’t included in calculating the risk score of a remediation task.
      Risk rating Based on a range of risk scores on a 1-5 numeric scale that rates overall risk based on a range of risk scores as 1 - Critical to 5 - None. This field replaces the Priority field in previous versions.
      State Calculated from the remediation tasks that the test result belongs to. If the test result belongs to multiple groups, an order of precedence is applied to determine state.
      Resolution Calculated from the remediation tasks that the test result belongs to. If the test result belongs to multiple groups, an order of precedence is applied to determine resolution.
      First seen Date first imported into Configuration Compliance.

      Starting with v13.1.1, the First seen field displays the date provided by the scanner. Otherwise, it displays the date first imported into Configuration Compliance.
      Last seen Date last imported into Configuration Compliance.

      Starting with v13.1.1, the Last seen field displays the date provided by the scanner. Otherwise, it displays the date last imported into Configuration Compliance.
      Last pass Latest date on which the test result is passed.
      Test Name of the test.
      Configuration item Name of the CI attached to the test.
      Technology Software version running on the CI.
      Description Description of the test
      Expected Values Expected values configured in Qualys and imported by Configuration Compliance. This value is a Boolean expression that when evaluated to true makes the test result Passed. The expression can be a combination of logical, set, or regular expression operators.
      Actual Values Values returned by the test. These values are plugged into the expected values Boolean expression to determine if the result should pass or fail. They’re imported from Qualys.

      Starting with version 14.9 of Configuration Compliance, the Extended Evidence and Cause of Failure values are added in the Actual Values column.
      Remediation Remediation instructions.
      Related Tabs
      Remediation Tasks Remediation tasks associated with this test result.
      Test Result History Related list of test results that show the history of pass/fail results for the same CI/technology/test.