Merge pull request #100293 from agantony/ROX31089-rhacs-docs-main

agantony · web-flow · commit 1e15e073a7da · 2025-10-22T22:19:34.000+05:30
[RHACS] [Docs] ROX-31089: Docs for CSV Effort for Vulnerability Management views
diff --git a/_topic_maps/_topic_map.yml b/_topic_maps/_topic_map.yml
@@ -255,7 +255,7 @@ Topics:
     File: vulnerability-management
   - Name: Viewing and addressing vulnerabilities
     File: common-vuln-management-tasks
-  - Name: Reporting vulnerabilities
+  - Name: Vulnerability reporting
     File: vulnerability-reporting
   - Name: Using the vulnerability management dashboard (deprecated)
     File: vulnerability-management-dashboard
diff --git a/modules/checking-job-status-and-downloading-a-vulnerability-report-in-csv-format.adoc b/modules/checking-job-status-and-downloading-a-vulnerability-report-in-csv-format.adoc
@@ -0,0 +1,30 @@
+// Module included in the following assemblies:
+//
+// * operating/manage-vulnerabilities/vulnerability-reporting.adoc
+
+:_mod-docs-content-type: PROCEDURE
+[id="checking-job-status-and-downloading-a-vulnerability-report-in-csv-format_{context}"]
+= Checking job status and downloading a vulnerability report in CSV format
+
+You can check the job status and download a vulnerability report in CSV format when it is ready for download.
+
+[NOTE]
+====
+Vulnerability report generation jobs are purged according to the job retention settings.
+====
+
+.Procedure
+
+. To download a generated report, in the *View-based reports* list, click *Report ready for download*.
+. Optional: Choose the appropriate method to re-organize the view-based vulnerability report list:
+* To filter the list according to the job status, click *Report job status*, and then select one or more job statuses.
++
+The following values are associated with the job status:
++
+** `Waiting`
+** `Preparing`
+** `Report ready for download`
+** `Report failed to generate`
+
+* To sort the list in ascending or descending order according to the date and time the jobs are completed, click the *Completed* column heading.
+* To view only the jobs that you created, set *View only my jobs* to on.
diff --git a/modules/exporting-vulnerability-report-as-a-csv-file.adoc b/modules/exporting-vulnerability-report-as-a-csv-file.adoc
@@ -0,0 +1,16 @@
+// Module included in the following assemblies:
+//
+// * operating/manage-vulnerabilities/vulnerability-reporting.adoc
+
+:_mod-docs-content-type: PROCEDURE
+[id="exporting-vulnerability-report-as-a-csv-file_{context}"]
+= Exporting vulnerability report as a CSV file
+
+You can export a vulnerability report according to the custom filters you have applied to organize the vulnerability findings list.
+
+.Procedure
+
+. In the {product-title-short} portal, click *Vulnerability Management* -> *Results*.
+. Click *Create report*, and then select *Export report as CSV*.
+. In the *Export report as CSV* window, click *Generate report*.
+. To check the status and download the report, click *View status in reports table*.
diff --git a/modules/vulnerability-management20-clone-reports.adoc b/modules/vulnerability-management20-clone-reports.adoc
@@ -10,8 +10,8 @@
 You can make copies of vulnerability report configurations by cloning them. This is useful when you want to reuse report configurations with minor changes, such as reporting vulnerabilities in different deployments or namespaces.
 
 .Procedure
-. In the {product-title-short} web portal, click *Vulnerability Management* -> *Vulnerability Reporting*.
+. In the {product-title-short} portal, click the *Vulnerability Management* -> *Vulnerability Reporting* -> *Report configurations* tab.
 . Locate the report configuration that you want to clone in the list of report configurations.
-. Click *Clone report*.
+. Click the overflow menu, {kebab}, and then click *Clone report*.
 . Make any changes that you want to the report parameters and delivery destinations.
-. Click *Create*.
+. Review the report parameters, and then click *Save*.
diff --git a/modules/vulnerability-management20-creating-report.adoc b/modules/vulnerability-management20-creating-report.adoc
@@ -10,19 +10,19 @@
 {product-title-short} guides you through the process of creating a vulnerability management report configuration. This configuration determines the information that will be included in a report job that runs at a scheduled time or that you run on demand.
 
 .Procedure
-. In the {product-title-short} portal, click *Vulnerability Management* -> *Vulnerability Reporting*.
+. In the {product-title-short} portal, click the *Vulnerability Management* -> *Vulnerability Reporting* -> *Report configurations* tab.
 . Click *Create report*.
 . In the *Configure report parameters* page, provide the following information:
 ** *Report name*: Enter a name for your report configuration.
 ** *Report description*: Enter a text describing the report configuration. This is optional.
 ** *CVE severity*: Select the severity of common vulnerabilities and exposures (CVEs) that you want to include in the report configuration.
-** *CVE status*: Select one or more CVE statuses. 
+** *CVE status*: Select one or more CVE statuses.
 +
 The following values are associated with the CVE status:
 +
 *** *Fixable*
 *** *Unfixable*
-** *Image type*: Select one or more image types. 
+** *Image type*: Select one or more image types.
 +
 The following values are associated with image types:
 +
@@ -40,9 +40,9 @@ You can select one or more columns to include in the report configuration.
 *** Select the *Include EPSS probability* checkbox, if you want to include the EPSS probability column in the report configuration.
 *** Select the *Include advisory name and link* checkbox, if you want to include the advisory name and link column in the report configuration.
 ** *Configure collection included*: To configure at least one collection, do any of the following tasks:
-*** Select an existing collection that you want to include. 
+*** Select an existing collection that you want to include.
 +
-To view the collection information, edit the collection, and get a preview of collection results, click *View*. 
+To view the collection information, edit the collection, and get a preview of collection results, click *View*.
 +
 When viewing the collection, entering text in the field searches for collections matching that text string.
 *** To create a new collection, click *Create collection*.
diff --git a/modules/vulnerability-management20-delete-reports.adoc b/modules/vulnerability-management20-delete-reports.adoc
@@ -10,6 +10,6 @@
 Deleting a report configuration deletes the configuration and any reports that were previously run using this configuration.
 
 .Procedure
-. In the {product-title-short} web portal, click *Vulnerability Management* -> *Vulnerability Reporting*.
+. In the {product-title-short} portal, click the *Vulnerability Management* -> *Vulnerability Reporting* -> *Report configurations* tab.
 . Locate the report configuration that you want to delete in the list of reports.
 . Click the overflow menu, {kebab}, and then select *Delete report*.
diff --git a/modules/vulnerability-management20-download-reports.adoc b/modules/vulnerability-management20-download-reports.adoc
@@ -15,14 +15,14 @@ You can only download reports that you have generated; you cannot download repor
 ====
 
 .Procedure
-. In the {product-title-short} web portal, click *Vulnerability Management* -> *Vulnerability Reporting*.
+. In the {product-title-short} portal, click the *Vulnerability Management* -> *Vulnerability Reporting* -> *Report configurations* tab.
 . In the list of report configurations, locate the report configuration that you want to use to create the downloadable report.
-. Generate the vulnerability report by using one of the following methods:
-* To generate the report from the list:
-.. Click the overflow menu, {kebab}, and then select *Generate download*. The *My active job status* column displays the status of your report creation. After the *Processing* status goes away, you can download the report.
-* To generate the report from the report window:
-.. Click the report configuration name to open the configuration detail window.
-.. Click *Actions* and select *Generate download*.
-. To download the report, if you are viewing the list of report configurations, click the report configuration name to open it.
-. Click *All report jobs* from the menu on the header.
-. If the report is completed, click the *Ready for download* link in the *Status* column. The report is in `.csv` format and is compressed into a `.zip` file for download.
+. Choose the appropriate method to generate the vulnerability report:
+* To generate the report from the *Report configurations* tab, complete the following steps:
+.. Click the overflow menu, {kebab}, and then select *Generate download*.
+.. After the report is generated, click the *Ready for download* link in the *My last job status* column. The report is in `.csv` format and is compressed into a `.zip` file for download.
+* To generate the report from the *Configuration details* tab, complete the following steps:
+.. To open the *Configuration details* tab, click the report configuration name.
+.. Click *Actions*, and then select *Generate download*.
+.. Click the *All report jobs* tab from the menu on the header.
+.. After the report is generated, click the *Ready for download* link in the *Status* column. The report is in `.csv` format and is compressed into a `.zip` file for download.
diff --git a/modules/vulnerability-management20-edit-reports.adoc b/modules/vulnerability-management20-edit-reports.adoc
@@ -10,8 +10,8 @@
 You can edit existing vulnerability report configurations from the list of report configurations, or by selecting an individual report configuration first.
 
 .Procedure
-. In the {product-title-short} web portal, click *Vulnerability Management* -> *Vulnerability Reporting*.
+. In the {product-title-short} portal, click the *Vulnerability Management* -> *Vulnerability Reporting* -> *Report configurations* tab.
 . To edit an existing vulnerability report configuration, complete any of the following actions:
 * Locate the report configuration that you want to edit in the list of report configurations. Click the overflow menu, {kebab}, and then select *Edit report*.
 * Click the report configuration name in the list of report configurations. Then, click *Actions* and select *Edit report*.
-. Make changes to the report configuration and save.
+. Make changes to the report configuration, and then click *Save*.
diff --git a/modules/vulnerability-management20-report-review-create.adoc b/modules/vulnerability-management20-report-review-create.adoc
@@ -10,5 +10,5 @@
 You can review the details of your vulnerability report configuration before creating it.
 
 .Procedure
-. In the *Review and create* section, you can review the report configuration parameters, delivery destination, email template that is used if you selected email delivery, delivery schedule, and report format. To make any changes, click *Back* to go to the previous section and edit the fields that you want to change.
-. Click *Create* to create the report configuration and save it.
+. In the *Review* section, you can review the report configuration parameters, delivery destination, email template that is used if you selected email delivery, delivery schedule, and report format. To make any changes, click *Back* to go to the previous section and edit the fields that you want to change.
+. To create the report configuration and save it, click *Save*.
diff --git a/modules/vulnerability-management20-retention-settings.adoc b/modules/vulnerability-management20-retention-settings.adoc
@@ -22,11 +22,10 @@ These settings do not affect the following vulnerability report jobs:
 
 .Procedure
 . In the {product-title-short} web portal, go to *Platform Configuration* -> *System Configuration*. You can configure the following settings for vulnerability report jobs:
-* *Vulnerability report run history retention*: The number of days that a record is kept of vulnerability report jobs that have been run. This setting controls how many days that report jobs are listed in the *All report jobs* tab under *Vulnerability Management* -> *Vulnerability Reporting* when a report configuration is selected. The entire report history after the exclusion date is deleted, with the exception of the following jobs:
+* *Vulnerability report run history retention*: The number of days that a record is kept of vulnerability report jobs that have been run. This setting controls how many days that report jobs are listed in the *Report configurations* tab under *Vulnerability Management* -> *Vulnerability Reporting* when a report configuration is selected. The entire report history after the exclusion date is deleted, with the exception of the following jobs:
 ** Unfinished jobs.
 ** Jobs for which prepared downloadable reports still exist in the system.
 ** The last successful report job for each job type (scheduled email, on-demand email, or download). This ensures users have information about the last run job for each type.
-* *Prepared downloadable vulnerability reports retention days*: The number of days that prepared, on-demand downloadable vulnerability report jobs are available for download on the *All report jobs* tab under *Vulnerability Management* -> *Vulnerability Reporting* when a report configuration is selected.
+* *Prepared downloadable vulnerability reports retention days*: The number of days that prepared, on-demand downloadable vulnerability report jobs are available for download on the *Report configurations* tab under *Vulnerability Management* -> *Vulnerability Reporting* when a report configuration is selected.
 * *Prepared downloadable vulnerability reports limit*: The limit, in MB, of space allocated to prepared downloadable vulnerability report jobs. After the limit is reached, the oldest report job in the download queue is removed.
 . To change these values, click *Edit*, make your changes, and then click *Save*.
-
diff --git a/modules/vulnerability-management20-send-reports.adoc b/modules/vulnerability-management20-send-reports.adoc
@@ -10,6 +10,6 @@
 You can send vulnerability reports immediately, rather than waiting for the scheduled send time.
 
 .Procedure
-. In the {product-title-short} web portal, click *Vulnerability Management* -> *Vulnerability Reporting*.
+. In the {product-title-short} portal, click the *Vulnerability Management* -> *Vulnerability Reporting* -> *Report configurations* tab.
 . In the list of report configurations, locate the report configuration for the report that you want to send.
-. Click the overflow menu, {kebab}, and then select *Send report now*.
+. Click the overflow menu, {kebab}, and then select *Send report*.
diff --git a/operating/manage-vulnerabilities/common-vuln-management-tasks.adoc b/operating/manage-vulnerabilities/common-vuln-management-tasks.adoc
@@ -23,18 +23,18 @@ Currently, vulnerability information is provided in pages that are accessed by s
 include::modules/vulnerability-management-components-portal.adoc[leveloffset=+1]
 
 //viewing vulns in user workloads
-include::modules/vulnerability-management20-view-workload-cve.adoc[leveloffset=+1]
+include::modules/vulnerability-management20-view-workload-cve.adoc[leveloffset=+2]
 
 :context: vulns-platforms
 //viewing vulns in platforms
-include::modules/vulnerability-management20-view-platform-cve.adoc[leveloffset=+1]
+include::modules/vulnerability-management20-view-platform-cve.adoc[leveloffset=+2]
 :!context:
 
 :context: vulns-nodes
 //Viewing vulns in nodes
-include::modules/viewing-node-cves.adoc[leveloffset=+1]
+include::modules/viewing-node-cves.adoc[leveloffset=+2]
 
-include::modules/disable-identify-vulnerabilities-in-nodes.adoc[leveloffset=+2]
+include::modules/disable-identify-vulnerabilities-in-nodes.adoc[leveloffset=+3]
 
 .Additional resources
 * xref:../../operating/manage-vulnerabilities/scan-rhcos-node-host.adoc#understanding-node-cves-scanner-v4_scan-rhcos-node-host[Understanding differences in scanning results between the StackRox Scanner and Scanner V4]
@@ -45,20 +45,20 @@ include::modules/disable-identify-vulnerabilities-in-nodes.adoc[leveloffset=+2]
 :context: more-views
 //more views
 
-include::modules/vulnerability-management-accessing-additional-views.adoc[leveloffset=+1]
+include::modules/vulnerability-management-accessing-additional-views.adoc[leveloffset=+2]
 
 //all vulnerable images
-include::modules/vulnerability-management-more-views-all-vuln-images.adoc[leveloffset=+2]
+include::modules/vulnerability-management-more-views-all-vuln-images.adoc[leveloffset=+3]
 
 //inactive images
-include::modules/scan-inactive-images.adoc[leveloffset=+2]
+include::modules/scan-inactive-images.adoc[leveloffset=+3]
 
 //Analyze images and deployments without observed CVEs
-include::modules/analyze-images-and-deployments-without-observed-cves.adoc[leveloffset=+2]
+include::modules/analyze-images-and-deployments-without-observed-cves.adoc[leveloffset=+3]
 
 //kubernetes components
 
-include::modules/vulnerability-management-viewing-kubernetes-vulnerabilities.adoc[leveloffset=+2]
+include::modules/vulnerability-management-viewing-kubernetes-vulnerabilities.adoc[leveloffset=+3]
 
 :!context:
 
diff --git a/operating/manage-vulnerabilities/vulnerability-reporting.adoc b/operating/manage-vulnerabilities/vulnerability-reporting.adoc
@@ -8,7 +8,7 @@ toc::[]
 
 [role="_abstract"]
 
-You can create and download an on-demand image vulnerability report from the *Vulnerability Management* -> *Vulnerability Reporting* menu in the {product-title-short} web portal. This report contains a comprehensive list of common vulnerabilities and exposures in images and deployments, referred to as workload CVEs or user workloads in {product-title-short}.
+You can create and download an on-demand image vulnerability report by clicking the *Vulnerability Management* -> *Vulnerability Reporting* -> *Report configurations* tab in the {rh-rhacs-first} portal. This report contains a comprehensive list of common vulnerabilities and exposures in images and deployments, referred to as workload CVEs or user workloads in {product-title-short}.
 
 To share this report with auditors or internal stakeholders, you can schedule emails in {product-title-short} or download the report and share it by using other methods.
 
@@ -23,25 +23,31 @@ include::modules/vulnerability-management20-configure-report-delivery-destinatio
 include::modules/vulnerability-management20-report-review-create.adoc[leveloffset=+2]
 
 //report permissions
-include::modules/vulnerability-management20-permissions.adoc[leveloffset=+1]
+include::modules/vulnerability-management20-permissions.adoc[leveloffset=+2]
+
+//Exporting vulnerability report as a CSV file
+include::modules/exporting-vulnerability-report-as-a-csv-file.adoc[leveloffset=+2]
+
+//Checking job status and downloading a vulnerability report in CSV format
+include::modules/checking-job-status-and-downloading-a-vulnerability-report-in-csv-format.adoc[leveloffset=+3]
 
 //editing reports
-include::modules/vulnerability-management20-edit-reports.adoc[leveloffset=+1]
+include::modules/vulnerability-management20-edit-reports.adoc[leveloffset=+2]
 
 //downloading reports
-include::modules/vulnerability-management20-download-reports.adoc[leveloffset=+1]
+include::modules/vulnerability-management20-download-reports.adoc[leveloffset=+2]
 
 //sending reports
-include::modules/vulnerability-management20-send-reports.adoc[leveloffset=+1]
+include::modules/vulnerability-management20-send-reports.adoc[leveloffset=+2]
 
 //cloning reports
-include::modules/vulnerability-management20-clone-reports.adoc[leveloffset=+1]
+include::modules/vulnerability-management20-clone-reports.adoc[leveloffset=+2]
 
 //deleting reports
-include::modules/vulnerability-management20-delete-reports.adoc[leveloffset=+1]
+include::modules/vulnerability-management20-delete-reports.adoc[leveloffset=+2]
 
 //report settings
-include::modules/vulnerability-management20-retention-settings.adoc[leveloffset=+1]
+include::modules/vulnerability-management20-retention-settings.adoc[leveloffset=+2]
 
 [role="_additional-resources"]
 [id="additional-resources_vuln-reporting"]

Original file line number	Diff line number	Diff line change
`@@ -10,19 +10,19 @@`
`10`	`10`	`{product-title-short} guides you through the process of creating a vulnerability management report configuration. This configuration determines the information that will be included in a report job that runs at a scheduled time or that you run on demand.`
`11`	`11`
`12`	`12`	`.Procedure`
`13`		`-. In the {product-title-short} portal, click Vulnerability Management -> Vulnerability Reporting.`
	`13`	`+. In the {product-title-short} portal, click the Vulnerability Management -> Vulnerability Reporting -> Report configurations tab.`
`14`	`14`	`. Click Create report.`
`15`	`15`	`. In the Configure report parameters page, provide the following information:`
`16`	`16`	`** Report name: Enter a name for your report configuration.`
`17`	`17`	`** Report description: Enter a text describing the report configuration. This is optional.`
`18`	`18`	`** CVE severity: Select the severity of common vulnerabilities and exposures (CVEs) that you want to include in the report configuration.`
`19`		`-** CVE status: Select one or more CVE statuses.`
	`19`	`+** CVE status: Select one or more CVE statuses.`
`20`	`20`	`+`
`21`	`21`	`The following values are associated with the CVE status:`
`22`	`22`	`+`
`23`	`23`	`*** Fixable`
`24`	`24`	`*** Unfixable`
`25`		`-** Image type: Select one or more image types.`
	`25`	`+** Image type: Select one or more image types.`
`26`	`26`	`+`
`27`	`27`	`The following values are associated with image types:`
`28`	`28`	`+`
`@@ -40,9 +40,9 @@ You can select one or more columns to include in the report configuration.`
`40`	`40`	`*** Select the Include EPSS probability checkbox, if you want to include the EPSS probability column in the report configuration.`
`41`	`41`	`*** Select the Include advisory name and link checkbox, if you want to include the advisory name and link column in the report configuration.`
`42`	`42`	`** Configure collection included: To configure at least one collection, do any of the following tasks:`
`43`		`-*** Select an existing collection that you want to include.`
	`43`	`+*** Select an existing collection that you want to include.`
`44`	`44`	`+`
`45`		`-To view the collection information, edit the collection, and get a preview of collection results, click View.`
	`45`	`+To view the collection information, edit the collection, and get a preview of collection results, click View.`
`46`	`46`	`+`
`47`	`47`	`When viewing the collection, entering text in the field searches for collections matching that text string.`
`48`	`48`	`*** To create a new collection, click Create collection.`