Executing a policy

Edit online

Policy execution describes the various methods that may be used to invoke and run compliance policies can be validated against the network. It also describes the steps a user must take in order to execute the policies that have been created on the network.

Before you begin

Please note in the event that realms are moved or renamed, any previously scheduled policies which are set to execute against devices involved in the changed realms shall execute against zero devices. This is only an issue if the realms are changed while the Netcool Configuration Manager - Compliance server is stopped.

Policy execution can be triggered by a number of events: on demand initiation, scheduled initiation and automatic initiation.

Note: Please ensure that the correct security access is obtained before attempting to execute any policies. The user must be a member of a group who has "Execution" rights. This enables the user to execute compliance entities.

About this task

The following outlines the steps required to execute an ad-hoc policy.

Procedure

  1. Navigate to the policy in the Execution tab, either right click and select execute policy or select the 'Execute' icon
  2. The Create & Execute Adhoc Process screen will be displayed. This screen requests a name and description to be added for the purposes of the policy execution. The Name field will be pre-filled with the server date and time. The name field is mandatory. Click Next to progress.
  3. The Select Devices screen shall be displayed.
  4. The Devices/Realms that are required to execute the Policy against should be selected. Using the navigation tree in the Device pane, select the necessary devices or realms.
    The Check device coverage button will inform if all devices in selection are covered by the policies, which will allow the user to continue to the next step. If there is a problem with the device coverage, the Policy Coverage Check screen will be displayed. This will give a reason such as: Policy not applicable or No rule applicable.
  5. Click Next on the Select Device screen to progress
  6. Immediately before the Parameters screen is displayed, a pop-up box will appear to confirm the user would like to view parameters. Select ‘Yes' to view the parameters (if any) from the selected policies. If parameters have been used in any of the policy definitions that are included in a process, the appropriate override value must be provided in this screen if required.
  7. The Report Options screen is displayed. The following table describes the options available.
    Table 1. Report options
    Option Description
    Generate Report When checked this will generate a report each time that the policy is executed. By default this is unchecked.
    Report Type Options are Summary, Policy, Device and Validation Detail.

    Summary reports provides a bar chart showing the results by result category, and another bar chart showing the breakdown of failed results by severity.

    Policy reports list the compliance validation results for each device. The results can be further interrogated to produce the Validation Detail report.

    Device Reports list the compliance validation results for each policy. The results can be further interrogated to produce the Validation Detail report.

    The Validation Detail reports provides a further level of information on the Device/Policy reports to determine what impact the evaluation criteria had on the result.
    Show Results User can choose which Results they wish to report on. By default all validation results are shown, but the user can opt to exclude any of the following results: Pass, Exempt, Fail, Not Assessed
    Show Severity Levels User can choose which Severity Levels they wish to report on: Severity 1-5. By default all Severity Levels shall be included in the report, but users have the option to exclude certain severity levels from the report
    Note: The Show Results and Show Severity Levels report options are greyed out if the "Summary" report type is chosen. The Summary report is based on all validation results (i.e. Passed, Failed, Exempt, Not Assessed), and also includes all severity levels.
    Please enter the information as required, and click Next to continue to the next screen.
  8. The Distribution screen is displayed. This is an optional screen. Please note that report distribution and report storage options are only available for Scheduled reports.
    As part of report distribution, an e-mail message can be constructed using the template provided. The E-mail body is free-text and can be used to add any comments as required. There are a number of file types supported for the Report email attachment, including: PDF, HTML, Excel, Text, RTF, XML, PostScript and Result File.
    Report Storage provides ability to save the report result on the server for retrieval at a later date. Report storage when checked will store the report in the "Saved Reports" tab for later retrieval.
  9. Click Finish to complete the Policy execution.
  10. When the policy executes, the user interface defaults to the Process Execution Summary in the Results tab. The progress of the policy execution can be tracked with the help of this screen. In the Process Execution Summary screen, a policy executed will have an execution type of "AdHoc".