Reports

You can configure KUMA to regularly generate reports about KUMA processes.

Reports are generated using report templates that are created and stored on the Templates tab of the Reports section.

Generated reports are stored on the Generated reports tab of the Reports section.

To save the generated reports in HTML and PDF formats, install the required packages on the device with the KUMA Core.

When deploying KUMA in a high availability version, the time zone of the Application Core server and the time in the user's browser may differ. This difference is manifested by the discrepancy between the time in reports generated by schedule and the data that the user can export from widgets. To avoid this discrepancy, it is recommended to configure the report generation schedule to take into account the difference between the users' time zone and UTC.

Report template

Report templates are used to specify the analytical data to include in the report, and to configure how often reports must be generated. Users with the General administrator, Tenant administrator, Tier 2 analyst, and Tier 1 analyst roles can create, edit, or delete report templates. Reports that were generated using report templates are displayed in the Generated reports tab.

Report templates are available in the Templates tab of the Reports section, where the table of existing templates is displayed. The table has the following columns:

• Name—the name of the report template.

  You can sort the table by this column by clicking the title and selecting Ascending or Descending.

  You can also search report templates by using the Search field that opens when you click the Name column title.

  Regular expressions are used when searching for report templates.

• Schedule—the rate at which reports must be generated using the template. If the report schedule was not configured, the disabled value is displayed.
• Created by—the name of the user who created the report template.
• Updated—the date when the report template was last updated.

  You can sort the table by this column by clicking the title and selecting Ascending or Descending.

• Last report—the date and time when the last report was generated based on the report template.
• Send by email—the check mark is displayed in this column for the report templates that notify users about generated reports via email notifications.
• Tenant—the name of the tenant that owns the report template.

You can click the name of the report template to open the drop-down list with available commands:

• Run report—use this option to generate report immediately. The generated reports are displayed on the Generated reports tab.
• Edit schedule—use this command to configure the schedule for generating reports and to define users that must receive email notifications about generated reports.
• Edit report template—use this command to configure widgets and the time period for extracting analytics.
• Duplicate report template—use this command to create a copy of the existing report template.
• Delete report template—use this command to delete the report template.

Creating report template

Expand all | Collapse all

To create report template:

1. Open the KUMA Console and select Reports → Templates.
2. Click the New template button.

   The New report template window opens.

3. In the Tenants drop-down list, select one or more tenants that will own the layout being created.
4. In the Time period drop-down list, select the time period from which you want to get analytics:
   • If you want to specify an exact date, in the calendar on the left, select the start and end date of the period and click Apply.

     You can select a date up to and including the current date. The date and time format depends on your browser settings. If the Date from or Date to field has a value and you have not edited the time value manually, when you select a date in the calendar, the Date from field is automatically populated with 00:00:00.000, and the Date to field with 23:59:59.999. If you have manually deleted the value in the Date from or Date to field, when you select a date in the calendar, the field is automatically populated with the current time. After you select a value in one of the fields, the focus switches to the other field. If your Date to is earlier than your Date from, this earlier value is automatically inserted into the Date from field.

   • If you want to specify a relative period, select one of the available periods in the Relative period list on the right.

     The period is calculated relative to the current time.

   • If you want to specify a custom period, edit the value of the Date from and Date to fields.

     You can enter an exact date and time in the DD.MM.YYYY HH:mm:ss.SSS format for the Russian localization and YYYY-MM-DD HH:mm:ss.SSS for the English localization or a period relative to the current time as a formula. You can also combine these methods if necessary. If you do not specify milliseconds when entering the exact date, 000 is substituted automatically. If you have edited the time in the Date from or Date to fields, picking a date in the calendar does not change the time component.

     In the relative period formulas, you can use the now parameter for the current date and time and the interval parameterization language: + (only in the Date to field), -, / (rounding to the nearest), as well as time units: y (year), M (month), w (week), d (day), h (hour), m (minute), s (second). For example, you can specify the period now-5d to get data for the last five days, or now/w to get data from the beginning of the first day of the current week (00:00:00:000 UTC) to the current time (now).

     The Date from field is required, and its value cannot exceed the value of the Date from field, and also cannot be earlier than 1970-01-01 (if specifying an exact date or a relative period). The Date to cannot be earlier than the Date from. If you do not specify a value in the Date from field, now is specified automatically.

   By default, the 1 day (now-1d) relative period is selected. The bounds of the period are inclusive: for example, for the Today time range, events are displayed from the beginning (00:00:00:000) of the current day to the current time (now) inclusive, and for the Yesterday period, events are displayed from the beginning (00:00:00:000) of the previous day to 00:00:00:000 of the current day.

   KUMA stores time values in UTC, but in the user interface time is converted to the time zone of your browser. This is relevant to the relative periods: Today, Yesterday, This week, and This month. For example, if the time zone in your browser is UTC+3, and you select Today as the data display period, data will be displayed for the period from 03:00:00.000 until now, not from 00:00:00.000 until now.

   If you want to take your time zone into account when selecting a relative data display period, such as Today, Yesterday, This week, or This month, you need to manually add a time offset in the Date from and Date to fields (if a value other than now is specified) by adding or subtracting the correct number of hours. For example, if your browser's time zone is UTC+3 and you want to display data for Yesterday, you need to change Date from to now-1d/d-3h and Date to to now/d-3h. If you want to display data for the Today period, you only need to change the value in the Date from field to now/d-3h.

   If you need results up to 23:59:59:999 UTC of yesterday, you can use an SQL query with a filter by Timestamp or specify an exact date and time.

5. In the Retention field, specify how long you want to store reports that are generated according to this template.
6. In the Template name field, enter a unique name for the report template. Must contain 1 to 128 Unicode characters.
7. In the Add widget drop-down list, select the required widget and configure its settings. You can add multiple widgets. You can drag widgets around the window and resize them using the button that appears when you hover the mouse over a widget.

   The following limitations apply to widgets with the Pie chart, Bar chart, Line chart, Counter, and Date Histogram chart types:

   • In SELECT queries, you can use extended event schema fields of "String", "Number", and "Float" types.
   • In WHERE queries, you can use all types of extended event schema fields ("String", "Number", "Float", "Array of strings", "Array of numbers", and "Array of floats").

   For widgets with the Table chart type, in SELECT queries, you can use all types of extended event schema fields ("String", "Number", "Float", "Array of strings", "Array of numbers", and "Array of floats").

   You can do the following with widgets:

   • Add widgets.

     To add widget:

     1. Click the Add widget drop-down list and select required widget.

        The window with widget parameters opens. You can see how the widget will look like by clicking the Preview button.

     2. Configure widget parameters and click the Add button.
   • Edit widgets.

     To edit widget:

     1. Hover the mouse over the required widget and clicking the icon that appears.
     2. In the drop-down list select Edit.

        The window with widget parameters opens. You can see how the widget will look like by clicking the Preview button.

     3. Update widget parameters and click the Save button.

   You can edit and delete a widget added to the layout by hovering over the widget, clicking the icon that appears, and then selecting Edit or Delete.

8. You can change logo in the report template by clicking the Upload logo button.

   When you click the Upload logo button, the Upload window opens and lets you choose the image file for the logo. The image must be a .jpg, .png, or .gif file no larger than 3 MB.

   The added logo is displayed in the report instead of KUMA logo.

9. If necessary, select the Show CII-related data check box to display data on assets, alerts, and incidents related to critical information infrastructure (CII) in the layout widgets. In this case, these layouts will be available for viewing only by users whose settings have the Access to CII facilities check box selected.

   If this check box is cleared, layout widgets will not display data on CII-related assets, alerts, and incidents, even if the user has access to CII objects.

10. Click Save.

The new report template is created and is displayed on the Reports → Templates tab of the KUMA Console. You can run this report manually. If you want to have the reports generated automatically, you must configure the schedule for that.

Configuring report schedule

To configure the report schedule:

1. Open the KUMA Console and select Reports → Templates.
2. In the report templates table, click the name of an existing report template and select Edit schedule in the drop-down list.

   The Report settings window opens.

3. If you want the report to be generated regularly:
   1. Turn on the Schedule toggle switch.

      In the Recur every group of settings, define how often the report must be generated.

      You can specify the frequency of generating reports by days, weeks, months, or years. Depending on the selected period, you should specify the time, day of the week, day of the month or the date of the report generation.

   2. In the Time field, enter the time when the report must be generated. You can enter the value manually or using the clock icon.
4. To select the report format and specify the report recipients, configure the following settings:
   1. In the Send to group of settings, click Add.
   2. In the Add emails window that opens, in the User group section, click Add group.
   3. In the field that appears, specify the email address and press Enter or click outside the entry field—the email address will be added. You can add more than one address. Reports are sent to the specified addresses every time you generate a report manually or KUMA generates a report automatically on schedule.

      You should configure an SMTP connection so that generated reports can be forwarded by email.

      If the recipients who received the report by email are KUMA users, they can download or view the report by clicking the links in the email. If the recipients are not KUMA users, they can follow the links but cannot log in to KUMA, so only attachments are available to them.

      We recommend viewing HTML reports by clicking links in the web interface, because at some screen resolutions, the HTML report from the attachment may not be displayed correctly.

      If you send an email without attachments, the recipients will have access to reports only by links and only with authorization in KUMA, without restrictions on roles or tenants.

   4. In the drop-down list, select the report format to send. Available formats: PDF, HTML,
      CSV, split CSV

      

      A CSV report contains all widgets in one file.

      A split CSV allows you to upload individual widgets to separate files and combine these files into an archive for further distribution to specified email addresses.

      

      A CSV report contains all widgets in one file.

      A split CSV allows you to upload individual widgets to separate files and combine these files into an archive for further distribution to specified email addresses.

      

      A CSV report contains all widgets in one file.

      A split CSV allows you to upload individual widgets to separate files and combine these files into an archive for further distribution to specified email addresses.

      , Excel.
5. Click Save.

Report schedule is configured.

Editing report template

Expand all | Collapse all

To edit report template:

1. Open the KUMA Console and select Reports → Templates.
2. In the report templates table click the name of the report template and select Edit report template in the drop-down list.

   The Edit report template window opens.

   You can also open this window on the Reports → Generated reports tab by clicking the name of a generated report and selecting in the drop-down list Edit report template.

3. Make the necessary changes:
   • Change the list of tenants that own the report template.
   • Update the time period from which you require analytics.
   • Add widgets

     To add widget:

     1. Click the Add widget drop-down list and select required widget.

        The window with widget parameters opens. You can see how the widget will look like by clicking the Preview button.

     2. Configure widget parameters and click the Add button.
   • Change widgets positions by dragging them.
   • Resize widgets using the button that appears when you hover the mouse over a widget.
   • Edit widgets

     To edit widget:

     1. Hover the mouse over the required widget and clicking the icon that appears.
     2. In the drop-down list select Edit.

        The window with widget parameters opens. You can see how the widget will look like by clicking the Preview button.

     3. Update widget parameters and click the Save button.
   • Delete widgets by hovering the mouse over them, clicking the icon that appears, and selecting Delete.
   • In the field to the right from the Add widget drop-down list enter a new name of the report template. Must contain 1 to 128 Unicode characters.
   • Change the report logo by uploading it using the Upload logo button. If the template already contains a logo, you must first delete it.
   • Change how long reports generated using this template must be stored.
   • If necessary, select or clear the Show CII-related data check box.
4. Click Save.

The report template is updated and is displayed on the Reports → Templates tab of the KUMA Console.

Copying report template

Expand all | Collapse all

To create a copy of a report template:

1. Open the KUMA Console and select Reports → Templates.
2. In the report templates table, click the name of an existing report template, and select Duplicate report template in the drop-down list.

   The New report template window opens. The name of the widget is changed to <Report template> - copy.

3. Make the necessary changes:
   • Change the list of tenants that own the report template.
   • Update the time period from which you require analytics.
   • Add widgets

     To add widget:

     1. Click the Add widget drop-down list and select required widget.

        The window with widget parameters opens. You can see how the widget will look like by clicking the Preview button.

     2. Configure widget parameters and click the Add button.
   • Change widgets positions by dragging them.
   • Resize widgets using the button that appears when you hover the mouse over a widget.
   • Edit widgets

     To edit widget:

     1. Hover the mouse over the required widget and clicking the icon that appears.
     2. In the drop-down list select Edit.

        The window with widget parameters opens. You can see how the widget will look like by clicking the Preview button.

     3. Update widget parameters and click the Save button.
   • Delete widgets by hovering the mouse over them, clicking the icon that appears, and selecting Delete.
   • In the field to the right from the Add widget drop-down list enter a new name of the report template. Must contain 1 to 128 Unicode characters.
   • Change the report logo by uploading it using the Upload logo button. If the template already contains a logo, you must first delete it.
4. Click Save.

The report template is updated and is displayed on the Reports → Templates tab of the KUMA Console.

Deleting report template

To delete report template:

1. Open the KUMA Console and select Reports → Templates.
2. In the report templates table, click the name of the report template, and select Delete report template in the drop-down list.

   A confirmation window opens.

3. If you want to delete only the report template, click the Delete button.
4. If you want to delete a report template and all the reports that were generated using that template, click the Delete with reports button.

The report template is deleted.

Generated reports

All reports are generated using report templates. Generated reports are available on the Generated reports tab of the Reports section and are displayed in the table with the following columns:

• Name—the name of the report template.

  You can sort the table by this column by clicking the title and selecting Ascending or Descending.

• Time period—the time period for which the report analytics were extracted.
• Last report—date and time when the report was generated.

  You can sort the table by this column by clicking the title and selecting Ascending or Descending.

• Tenant—name of the tenant that owns the report.
• User—name of the user who generated the report manually. If the report was generated by schedule, the value is blank. If the report was generated in KUMA lower than 2.1, the value is blank.

You can click the name of a report to open the drop-down list with available commands:

• Open report—use this command to open the report data window.
• Save as—use this command to save the generated report in the desired format. Available formats: HTML, PDF, CSV, split CSV, Excel. By default, 250 rows are displayed in all formats. At most 500 values can be displayed in tables in PDF and HTML formats. If you want to output more than 500 rows in a report, set your value for the LIMIT parameter in the SQL query and save the report in CSV format.
• Run report—use this option to generate report immediately. Refresh the browser window to see the newly generated report in the table.
• Edit report template—use this command to configure widgets and the time period for extracting analytics.
• Delete report—use this command to delete the report.

Viewing reports

To open report:

1. Open the KUMA Console and select Reports → Generated reports.
2. In the report table, click the name of the generated report, and select Open report in the drop-down list.

   The new browser window opens with the widgets displaying report analytics. If a widget displays data on events, alerts, incidents, active lists, or context tables, you can click its header to open the corresponding section of the KUMA Console with an active filter and/or search query that is used to display data from the widget. Widgets are subject to default restrictions.

   To download the data displayed on each widget in CSV format with UTF-8 encoding, press the CSV button. The downloaded file name has the format <widget name>_<download date (YYYYMMDD)>_<download time (HHMMSS)>.CSV.

   To view the full data, download the report in the CSV format with the specified settings from the request.

3. You can save the report in the desired format by using the Save as button.

Generating reports

You can generate report manually or configure a schedule to have it generated automatically.

To generate report manually:

1. Open the KUMA Console and select Reports → Templates.
2. In the report templates table, click a report template name and select Run report in the drop-down list.

   You can also generate report from the Reports → Generated reports tab by clicking the name of an existing report and in the drop-down list selecting Run report.

The report is generated and is displayed on the Reports → Generated reports tab.

To generate reports automatically, configure the report schedule.

Saving reports

To save the report in the desired format:

1. Open the KUMA Console and select Reports → Generated reports.
2. In the report table, click the name of the generated report, and in the drop-down list select Save as. Then select the desired format: HTML, PDF, CSV, split CSV, Excel.

   The report is saved to the download folder configured in your browser.

You can also save the report in the desired format when you view it.

Deleting reports

To delete report:

1. Open the KUMA Console and select Reports → Generated reports.
2. In the report table, click the name of the generated report, and in the drop-down list select Delete report.

   A confirmation window opens.

3. Click OK.