Alauda Security Service
  • English

    • Vulnerability Reporting

    Alauda Security Service provides a dedicated Vulnerability Reporting area for creating, scheduling, and downloading vulnerability reports. In the current UI, this area includes two main tabs:

    • Report configurations
    • View-based reports

    Use this section to define recurring report configurations, generate downloadable reports, and distribute reports to stakeholders.

    TOC

    Report ConfigurationsCreating a Report ConfigurationConfiguring Delivery Destinations and ScheduleReviewing and Creating the Report ConfigurationEditing and Managing Report ConfigurationsEditing a Report ConfigurationCloning a Report ConfigurationDeleting a Report ConfigurationGenerating and Downloading ReportsStepsView-Based ReportsSending Reports ImmediatelyReport Retention and Expiry Settings

    Report Configurations

    The Report configurations tab stores reusable report definitions. Each configuration can include report scope, filters, schedule, and delivery settings.

    In the current UI, this tab shows saved report configurations and offers a Create report action.

    In the current list view, the main columns are:

    • Report
    • Collection
    • Description
    • My last job status
    • Row actions

    The My last job status column surfaces the latest report job state for each configuration, for example when a report is ready for download.

    Creating a Report Configuration

    1. In the Alauda Security Service portal, go to Vulnerability Management > Vulnerability Reporting.
    2. Stay on the Report configurations tab.
    3. Click Create report.
    4. The wizard opens with these steps:
      • Configure report parameters
      • Configure delivery destinations
      • Review
    5. On Configure report parameters, provide:
      • Report name: Name for your report configuration.
      • Report description: Optional description of the report.
      • CVE severity: Select the severity levels to include.
      • CVE status: Select one or more statuses, such as Fixable or Unfixable.
      • Image type: Select one or more types, such as Deployed images or Watched images.
      • CVEs discovered since: Select the time period for included CVEs.
      • Optional columns:
        • NVD CVSS
        • EPSS probability
        • Advisory Name and Advisory Link
      • Configure collection included: Select at least one collection by using Select a collection.
    6. Use Back, Next, and Cancel to move through the wizard.
    7. Click Next to configure delivery destinations and schedule.

    Note: For more about collections, see "Creating and using deployment collections".

    Configuring Delivery Destinations and Schedule

    1. In Configure delivery destinations, click Add delivery destination.
    2. For each destination, configure:
      • Email notifier
      • Distribution list
      • Email template
    3. At least one delivery destination is required before you can complete the wizard.
    4. The page also includes an optional Configure schedule section.
    5. In Configure schedule, review or set:
      • Repeat every
      • On day(s)
    6. Use the available selectors such as Select frequency and Select days to define a recurring schedule when needed.
    7. Click Next to continue to Review.

    Reviewing and Creating the Report Configuration

    1. In the Review step, review the report parameters, delivery destinations, and optional schedule.
    2. Save the configuration.

    Editing and Managing Report Configurations

    You can edit, clone, or delete report configurations as needed.

    Editing a Report Configuration

    1. In Vulnerability Management > Vulnerability Reporting, locate the report configuration.
    2. Open the available actions for that report and select Edit report, or open the report and edit it from its details view.
    3. Make changes and save.

    Cloning a Report Configuration

    1. In the list, select Clone report for the desired configuration.
    2. Modify parameters and destinations as needed.
    3. Click Create.

    Deleting a Report Configuration

    1. In the list, open the available actions for the configuration.
    2. Select Delete report.

    Note: Deleting a configuration also deletes all reports previously run using it.

    Generating and Downloading Reports

    You can generate downloadable reports from saved report configurations.

    Steps

    1. In Vulnerability Management > Vulnerability Reporting, locate the desired configuration.
    2. Generate the report:
      • From the list: open the available actions and select Generate download
      • From the report details view: use the available actions to generate a download
    3. Wait until the report finishes processing.
    4. Download the generated .csv report package when it is ready.

    Note: You can only download reports you have generated.

    View-Based Reports

    The View-based reports tab provides reporting workflows based on vulnerability views rather than only saved recurring configurations. Use this tab when you want to work from an existing vulnerability view and generate report output based on that context.

    Sending Reports Immediately

    You can send a report immediately instead of waiting for the scheduled time.

    1. In Vulnerability Management > Vulnerability Reporting, locate the configuration.
    2. Open the available actions and select Send report now.

    Report Retention and Expiry Settings

    You can configure how long report jobs and downloadable files are retained.

    1. In Platform Configuration > System Configuration, review or set:
      • Vulnerability report job history retention
      • Prepared downloadable vulnerability reports retention days
      • Prepared downloadable vulnerability reports limit
    2. Click Edit to change values, then Save.

    These settings control how long report jobs remain visible and how long downloadable report artifacts are retained.