Hi everyone,
We use SQL query report to get compliance results from policy scans. Query runs against fact_asset_policy.
SELECT dp.title, fap.rule_compliance, fap.not_applicable_rules, fap.noncompliant_rules, fap.compliant_rules, da.ip_address, da.host_name, dp.category, dos.description FROM fact_asset_policy fap JOIN dim_policy dp USING (policy_id) JOIN dim_asset da USING (asset_id) JOIN dim_operating_system dos USING (operating_system_id) ORDER BY dp.category
Is there a way to compare rule_compliance for the asset against a previous scan? Something similar to what baseline function does for vulnerabilities.
Idea is to get a report where we can see compliance % between two scan dates for each asset.
Thanks