CSV/XML Report - Remove Business Risk Content (Post 8.0 Update Workaround)

Document created by Kyle Rohan on May 30, 2014Last modified by Kyle Rohan on May 30, 2014
Version 2Show Document
  • View in full screen mode

As part of the recently released QG 8.0 upgrade, one of the feature updates included was the addition of Business Risk Score Summary information within the top portion of the CSV and XML.  This document contains details on how to remove different sections of Business Risk Summary information from such reports based on your needs.


In case you missed it here is the full details of the feature update as part of 8.0:

Security Risk Score Summary Added to XML and CSV Reports

With this release vulnerability scan reports now include a security risk score summary for the report as a whole and per host, in all available report formats.  Previously security risk metrics were not included in XML or CSV output types.  As before, the risk score summary appears when your report template is configured for host based findings (automatic data) and the Text Summary option is selected. The corresponding asset_data_report.dtd was updated.


Figure 1

HOW TO: Remove this section from your report - Workaround

As some customers have undoubtedly experienced, it may be desirable to  remove this data from the report in order to allow a more streamlined report or to ensure the operation of previous automated processes a customer may have built around the consumption of such CSV reports (not an issue with XML).  Please follow the steps below as a workaround to disable this information from appearing on your report.


Note: This is listed as a workaround as it requires the removal of additional summary data in the report. (Option A below)  At this time there is no way to disable just the Business Risk Score information.  A more permanent fix and adjustment is being investigated by our engineering team and we will update this thread relative to any proposed fixes or adjustments once this information becomes available.


Step 1: Edit the Report Template

Go to Reports -> Templates and edit (or create) the report template in question.  All information regarding filters, scan results, etc. can be left unmodified

5-30-2014 3-43-34 PM.jpg

Figure 2

Step 2a: Option A - Remove the Summary of Vulnerabilities Info + Risk Summary

Navigate to the "Display" Section under the report template, and deselect "Text Summary" under the Report Summary Heading:


5-30-2014 3-38-31 PM.jpg

Figure 3


Step 2b: Option B - Remove IP Risk Detail Summary

Navigate to the "Display" Section under the report template, and deselect "Text Summary" under the Detailed Results Heading (second one, further down the page):

5-30-2014 3-39-02 PM.jpg

Figure 4

Summary of Report Elements removed in Options A & B


5-30-2014 3-24-32 PM.jpg

Figure 5