cve-dashboard/docs/kb-reporting-page-guide.md

# Reporting Page Guide

## Overview

The Reporting Page is the primary operational page in the STEAM Security Dashboard. It provides a live view of all open Ivanti host findings with filtering, sorting, inline editing, metric charts, and export capabilities.

## Getting Started

1. Navigate to the Reporting page from the sidebar
2. Click **Sync** (top right) to pull the latest findings from Ivanti
3. The sync timestamp updates when complete — findings, charts, and counts all refresh together

## Metric Charts

Four donut charts appear at the top of the page:

### Open vs Closed
Shows the total count of open and closed findings across all synced data.

### Action Coverage
Breaks down open findings into three categories:
- **FP Request** (blue) — findings with an FP workflow ticket in Ivanti
- **Archer Exception** (amber) — findings with an EXC-XXXXX number in their notes
- **Pending** (red) — findings with no action taken yet

Click a chart segment to filter the table to that category. Click again or use "clear filter" to remove.

### FP Finding Status
Shows the distribution of findings across FP workflow states (Requested, Reworked, Actionable, Approved, Rejected, Expired).

### FP Workflow Status
Shows the count of unique FP ticket IDs per state — one FP ticket can cover many findings.

## Findings Table

### Columns
The table has 13 columns. All are visible by default:

| Column | Description |
|--------|-------------|
| Finding ID | Ivanti host finding identifier |
| Severity | VRR score with severity group (Critical, High, Medium) |
| Title | Vulnerability title |
| CVEs | Associated CVE identifiers (hover for tooltip details) |
| Host | Hostname (inline editable) |
| IP Address | Device IP |
| DNS | DNS name (inline editable) |
| Due Date | SLA deadline — red if overdue, amber if within 30 days |
| SLA | SLA status (Overdue, At Risk, Within SLA) |
| BU | Business unit ownership (STEAM or ACCESS-ENG) |
| Workflow | FP workflow badge showing ticket ID and state |
| Last Found | Date the finding was last detected by scanner |
| Notes | Free-text notes field (inline editable) |

### Column Management
Click the **Columns** button (gear icon) to:
- Show/hide columns by clicking the eye icon
- Drag columns to reorder them
- Your column configuration is saved in your browser

### Sorting
Click any sortable column header to sort. Click again to reverse direction. The active sort column is highlighted in blue.

### Filtering
Click the filter icon on any filterable column header to open a dropdown with all unique values. Check/uncheck values to filter. Use "Select All" or "Clear" for bulk operations. A search box lets you find specific values quickly.

Active filters show as amber badges above the table. Click "Clear Filters" to remove all column filters at once.

### Inline Editing

Three columns support inline editing:

- **Host**: Click the hostname to edit. An amber dot appears when an override is active. Click the revert button (↻) to restore the original Ivanti value. Overrides survive re-syncs.
- **DNS**: Same behavior as Host.
- **Notes**: Click to type. Saves automatically on blur. Use notes to record EXC numbers (e.g., `EXC-12345`) — the Action Coverage chart will classify these as "Archer Exception".

## Selecting Findings

Check the checkbox on any row to select it. Use Shift+Click for range selection. The "select all" checkbox in the header selects all visible (non-queued) findings.

When findings are selected, a toolbar appears with:
- Workflow type toggle (FP / Archer / CARD)
- Vendor input field (not needed for CARD)
- "Add to Queue" button to stage findings for batch processing

## Export

Click the **Export** dropdown to download the current filtered/sorted view as:
- **CSV** — comma-separated values with UTF-8 BOM
- **Excel (.xlsx)** — formatted spreadsheet with auto-fit column widths

Only visible columns are included in the export.