Contents x
    January 2024
    • 08 May 2024
    • Print
    • Dark
      Light
    • PDF
    Contents

    January 2024

    • Updated on 08 May 2024
    • Print
    • Dark
      Light
    • PDF
    Article Summary

    Lock Aggregated Findings

    The Aggregated Findings feature contributes to your team's RemOps capabilities in the long-term. Seemplicity automatically locks aggregated finding groups and prevents new findings from merging into existing in-process groups.

    How does it work? At the point when all the raw findings in an Aggregation Rule group have been fixed, the aggregated group will become locked. When new raw findings are identified that match the logic of the aggregated group, but have not been fixed, they will be added to a new Aggregation Rule group with the same rule logic.

    Locked Aggregated Findings prevents continuous updates to aggregated findings while you and your team actively engage with those tickets.

    LockAggrFndngs

    Dev Portal - GraphQL API

    Some companies prefer to tailor automatic processes between different systems, instead of executing them via the UI of every platform. You can access the Seemplicity API so you can pull data directly to your workspace.

    Check out our new Dev Portal here in the Seemplicity Knowledge Base. We've included a Quickstart guide and details on our Scope and Filter Language. For our Seemplicity GraphQL API Reference, see our documentation here.

    If you're interested in using the Seemplicity API, contact Customer Services to have the API enabled for your company.

    Aggregation Rule Visibility

    Aggregation rules enable you to create and customize Rules that automatically improve your Remediation process. Our aim is to provide clear visibility into the running rules within your environments to empower you to manage them seamlessly from the Seemplicity platform.

    So, how do you take advantage of these rules? From the Rules tab, select Aggregation. This view-only page provides a table that includes the following data points for each rule:

    • The logic used to aggregate the findings (Aggregate Findings by) - accompanied by a Seemplicity icon when we've made it, and missing for manual rules that you create
    • The relevant resource filters that align with the aggregation logic (Rule Scope)
    • The findings' filters relevant to the aggregation logic (Rule Filter)
    • How the rule impacts the number of findings, with insights into its efficiency (Affected Findings)
    • The last time the specific rule finished running, which helps you identify gaps between aggregated findings groups and findings that should be aggregated but have not yet been added to the group (Last Run)
    • An indicator toggle identifying if the rule is or is not active

    AggregationRulesVisibility

    NOTE

    Because it requires time to complete individual mappings, Aggregation Rule Visibility will be released to customers in phases over the coming weeks. We love your feedback, so let us know what you think as you start to use it.

    Enhanced Download CSV Capabilities

    We've been steadily adding functionality to our Download CSV feature throughout the Seemplicity platform since many of our customers use this for operational and auditing purposes.

    Recently, we added the ability to reorder columns in the exported findings CSV. Now when you do the same steps, the CSV provides a consolidated table view of main findings and raw findings of aggregated findings, with no limit to the total number.

    From Findings, select the elipsis (...) at the top right corner of the Scope and Filters bar to open the Download CSV dialog. From there, select/deselect and arrange the order of the data columns in the file. When finished, select Save & Export and the entire table that matches the selected scope and filters will download to this enhanced CSV file.

    • Each file contains maximum 10,000 findings. If you need to export more than that, the download will automatically be separated to files each of 10,000 findings in ZIP file format. Files are split so that all findings of the same aggregated group are in the same file, not spread across multiple files.
    • For added readability, the CSV files include indentation for any raw finding aggregated under the main finding. The new Main Findings column indicates whether the finding is the main aggregated finding item or a non-aggregated finding.
    NOTE

    The default columns in the CSV file mirror the default columns in the UI. You can customize columns by adding or removing them based on your preferences. Your latest preferences are retained when you download the file.

    Findings Summary Widget

    Seemplicity empowers users to focus on what matters most in their remediation pipeline. Leveraging rules like aggregation and status, teams are able to streamline their workload to provide a consolidated view that reduces the number of findings they must address with their team(s).

    The Findings Summary widget (now a default feature on the Organizational Dashboard) can be added to any customized dashboard via the Widget Store. The widget displays the transition from the number of raw findings collected from data sources to the findings created in Seemplicity.

    The widget displays when there's more than 10% decrease between the collected and displayed findings. If this status is true, then the widget will also showcase how the amount of the highest severity findings in the environment was affected.

    FindingsSummaryWidget

    Note:

    IMPORTANT
    • As mentioned, the reduction in the number of findings is visible only when there is more than 10% change between Raw findings and Findings. This typically occurs when you apply aggregation and status rules in the environment.
    • Display of the reduction of the highest severity level is visible when there is more than 5% reduction and more than 10% change in the entire environment.
    • Applying different filters may cause variations in the numbers and may hide the reduction in the highest severity level if it does not align with the logic to display it.

    Reopen Tickets for Unresolved Findings

    Sometimes a ticket can be marked as done, but one of the associated findings isn't actually fixed. We've released the Reopen Tickets feature so you can always be sure your remediation queue tickets are resolved until the end, without daily checkups.

    As part of the remediation operations process, remediation queues create tickets and track each ticket's ongoing status. When you create or edit a queue, you can now activate the option to verify the finding's status. If Seemplicity detects that the finding is actually open, but the ticket is closed, we'll try to reopen it. You can specify the number of days before a ticket is reopened for unresolved findings. The default amount is three days.

    IMPORTANT
    • Reopen tickets is available for new and existing queues and all ticketing system integrations.
    • The feature does not apply to manual tickets that are opened in general or manual tickets that open from the queue's waiting list.
    • The action to reopen a ticket depends on Seemplicity's permissions in your selected ticketing system and the capabilities of the instance. If we encounter difficulty reopening a ticket, you will receive a comment that states we attempted to reopen but were unsuccessful, and the corresponding finding remains open (see second image).

    To enable when creating a queue, in the Queue Details section, select the checkbox to automatically reopen tickets and enter the number of days for the resolve period.

    reopened_ticket1

    reopened_ticket2

    Usability Enhancements

    To make it easier for you to view your data, we've added two components to the Resources table: Pagination and Navigation.

    • Use the Pagination component to select how many rows per page
    • Use the Navigation component to make large jumps through your data

    These enhancements will soon be available in Findings and Remediations too!

    TablePagNav

    Manual Aggregation Enhancement

    Seemplicity uses Rules to give you full flexibility around Finding Status, Priority, and SLA, according to a specific Scope and Filter. You can create and customize Rules that automatically improve the Remediation process.

    Now when you choose to manually aggregate findings in a specific Scope and Filter, you can create a Rule that generates an open group according to that definition. Any new findings that match the specific Scope and Filters will automatically be added to this group. If no rule is selected (second image), a group is created as a one-time event without the ability to automatically aggregate new applicable findings to that group.

    To create the aggregated rule, create a Scope and Filter per your requirements, go to Findings, select the All checkbox in the top left corner of the Findings table. Next, select Actions (All) > Aggregate Findings (All).

    AggregateFindings

    From the Aggregate Findings popup, select Aggregation Rule (Optional) > checkbox to create a rule for new Findings like these > Aggregate.

    AggregateRuleEnhancement

    Email Notifications

    Resolving the findings in your Remediation queue and having visibility of their lifecycle over time is critical for organizations. It's important to stay updated if/when SLA commitments are exceeded, or other events occur.

    We're currently building more functionality for event-based notifications via email, and this month we've released a significant part of that development.

    Now you can share Findings and Scope and Filter views to your team members via email. Similar to the current Slack Share, Email Share can be used for:

    • Scope and Filter View
    • Single Finding
    • Multiple Findings in a specific Scope and Filter that are part of a Queue, sent on a regular schedule
    LIMITATION

    This capability is currently limited to one recipient at a time.

    To share the Scope and Filter View, from Findings, select the ellipsis > Share URL. In the Share popup in the Share via Email tab, enter your team member's Email address, an optional message, and then select Share.

    ShareEmail

    To share a Single Finding, from Findings, select the finding you want to share. The Details panel displays. From the top right corner, select Share much the same as when sharing a Scope and Filter View. You can also choose to send the Finding's details as an attached CSV file via the checkbox.

    To share Multiple Findings in a Scope and Filter via Email, add an Email Queue Type to your Remediation Queue. Go to Remediation > +New Queue. From Create a Queue, select Email as your new queue type. In the Email Queue Details dialog, enter/edit the Queue's Name, your team member's Email address, and the schedule to send the notification.

    Average Ticket Age and Tickets by Status Trend Widgets

    Many of our customers want to ensure they can measure efficiency when it comes to resolving issues over time. This trend can indicate the overall health status of your remediation program and help you determine if things are getting better (or worse) over time. For these reasons, we've developed the Average Ticket Age Over Time and the Tickets by Status Over Time widgets. Find them in the Widget Store and let us know what you think.
    TicketAge_TicketStatusxTime

    What's Next