Generating Reports
Create comprehensive security and compliance reports for stakeholders and auditors.
Generate reports on demand, or schedule automatic delivery to stakeholders, with customizable formats and filters.
Reporting Overview
| Feature | Description |
|---|---|
| 5 Report Types | Security, Compliance, Executive, Incident, Agent Health |
| Scheduled Delivery | Daily, weekly, or monthly automated reports |
| Multiple Formats | PDF, CSV, JSON exports |
Creating a Report
Step 1: Navigate to Reports
Access the reporting interface from your portal dashboard.
| Action | Description |
|---|---|
| Login | Log in to your CastellanAI portal |
| Navigate | Go to Dashboard → Reports |
| Create | Click the "New Report" button |
Step 2: Select Report Type
Choose the report type that matches your needs.
| Type | Description | Best For |
|---|---|---|
| Security Summary | Threats detected, actions taken, security posture | Security teams |
| Compliance Report | Framework compliance with evidence | Auditors |
| Executive Summary | High-level metrics and trends | Leadership |
| Incident Response | Incident timeline and resolution | Post-incident reviews |
| Agent Health | Agent status and performance | Operations teams |
Step 3: Configure Time Range & Filters
Specify the time period and filters for the report.
| Filter | Options |
|---|---|
| Time Range | Last 24 hours, 7 days, 30 days, custom |
| Severity | Critical, High, Medium, Low |
| Agent Filter | All agents or specific agents |
| Event Type | Authentication, malware, network, etc. |
Step 4: Generate & Download
Generate and download in your preferred format.
| Step | Action |
|---|---|
| Review | Check configuration summary |
| Generate | Click "Generate Report" (10-30 seconds) |
| Format | Choose PDF, CSV, or JSON |
| Download | Save report to your computer |
Generated reports are saved in your report history for 90 days.
Report Types
Security Summary Report
Comprehensive overview of threats and security posture.
Includes:
| Section | Content |
|---|---|
| Threat Overview | Events by severity and type |
| Actions Taken | Response actions executed |
| Security Score | Overall security posture |
| Top Targets | Most targeted systems/users |
Compliance Report
Framework compliance with evidence mapping.
Includes:
| Section | Content |
|---|---|
| Control Status | Implementation status |
| Evidence | Supporting documentation |
| Gap Analysis | Non-conformities identified |
| Recommendations | Remediation guidance |
Executive Summary
High-level metrics for leadership.
Includes:
| Section | Content |
|---|---|
| Key Metrics | Critical numbers at a glance |
| Trends | Security posture over time |
| Business Impact | Risk and cost implications |
| Action Items | Recommended next steps |
Incident Response Report
Detailed incident documentation.
Includes:
| Section | Content |
|---|---|
| Timeline | Chronological event sequence |
| Root Cause | Analysis and findings |
| Impact | Affected systems and data |
| Resolution | Actions taken and lessons learned |
Agent Health Report
Agent status and performance metrics.
Includes:
| Section | Content |
|---|---|
| Deployment | Agents by platform |
| Health Status | Online/offline history |
| Collection Rate | Events per agent |
| Gaps | Coverage recommendations |
Report Contents
Security Metrics
| Metric | Description |
|---|---|
| Total Events | Events collected and analyzed |
| Threats by Severity | Breakdown by severity level |
| Security Score | Trend over time |
| Top Targets | Most targeted systems/users |
| Attack Vectors | Top threat types |
Incident Response Metrics
| Metric | Description |
|---|---|
| Actions Executed | Response actions taken |
| MTTD | Mean time to detect |
| MTTR | Mean time to respond |
| Success Rate | Action success/failure |
| Resolution Time | Incident timelines |
Compliance Evidence
| Evidence Type | Description |
|---|---|
| Control Status | Implementation status |
| Audit Logs | Retention confirmation |
| Monitoring Coverage | Security coverage |
| Access Reviews | Access control documentation |
| Procedures | Incident response adherence |
Agent Coverage Metrics
| Metric | Description |
|---|---|
| Total Agents | Deployed by platform |
| Status History | Online/offline tracking |
| Collection Rate | Events per agent |
| Health Metrics | Warnings and alerts |
| Gaps | Coverage recommendations |
Scheduled Reports
| Schedule | Delivery | Use Case |
|---|---|---|
| Daily | 8:00 AM | Security operations |
| Weekly | Monday | Management review |
| Monthly | 1st of month | Compliance and executives |
Configure scheduled reports from Settings → Scheduled Reports.
Best Practices
| Practice | Description |
|---|---|
| Tailor to Audience | Executives need summaries; analysts need details |
| Regular Cadence | Daily ops, weekly management, monthly executives |
| Include Context | Explain findings and suggest improvements |
| Archive Reports | Maintain history for audits |
| Act on Findings | Use reports to identify and address gaps |
📝 Report Generation Checklist
- Identify report audience and purpose
- Select appropriate report type
- Configure time range and filters
- Review report configuration
- Generate and verify content
- Download in appropriate format
- Schedule recurring delivery if needed
- Archive for compliance
What's Next?
| Guide | Description |
|---|---|
| Compliance Frameworks | Compliance reporting for SOC 2, HIPAA, PCI DSS |
| Exporting Data | Export raw security data for analysis |
| Dashboard Overview | Understand dashboard metrics |