Loading...

XML

Word

Printable

Type: Bug
Resolution: Unresolved
Priority: Normal
Fix Version/s: None
Affects Version/s: None
Component/s: Compliance
Labels:
- cee

Severity:
Moderate
Steps to Reproduce:
Hide

Run a report on a host that results in more than 1 different severity rules showing as failed

Try using the API endpoint with `failed_rule_severity` to filter out the different severity types and observe the `failed_rule_count` showing the total number of failed rules as opposed to the number of failed rules that match the filter in the API call.
Show
Run a report on a host that results in more than 1 different severity rules showing as failed Try using the API endpoint with `failed_rule_severity` to filter out the different severity types and observe the `failed_rule_count` showing the total number of failed rules as opposed to the number of failed rules that match the filter in the API call.

Story Points:
2
Sprint:
Ops Oct 27 Sprint #12
Documentation Type:

API
PX Impact Score:

SFDC Cases Counter:
SFDC Cases Links:
SFDC Cases Open:

** Note that this is a public ticket, please refrain from adding any sensitive data. **

From https://developers.redhat.com/api-catalog/api/compliance_v2

Looking at the API endpoint `GET /reports/{report_id}/test_results` for "Request Test Results under a Report" we can see a filter option from the query parameters `failed_rule_severity` . The example shows the filter option using `=` and `!=` comparison operators. Below is the full description of the parameter:

~~~

Query string to filter items by their attributes. Compliant with <a href="https://github.com/wvanbergen/scoped_search/wiki/Query-language" target="_blank" title="github.com/wvanbergen/scoped_search">scoped_search query language</a>. However, only `=` or `!=` (resp. `<>`) operators are supported.<br><br>Test Results are searchable using attributes `score`, `supported`, `system_id`, `display_name`, `os_minor_version`, `security_guide_version`, `compliant`, `group_name`, and `failed_rule_severity`<br><br>(e.g.: `(field_1=something AND field_2!="something else") OR field_3>40`)

~~~

My understanding of this filter option would be to filter the test results for a report based on the failed rule severity of each rule. When trying to query this endpoint using this rule to filter out the severity of `unknown`on a report for a system that has 101 failed rules, with 4 of them being classified as `unknown` and using the `!=` operator, I get back an error as seen below:

~~~

{ "errors": [ "Invalid parameter: Field 'failed_rule_severity!' not recognized for searching!" ] }

~~~

When I try changing the operator from `!=` to `<>` I successfully get back incorrect results of ALL failed rules (not excluding the 4 unknown)

(101 total failed rules - 4 unknown severity = 97 failed rules returned)

~~~

↪ curl -X 'GET' \
'https://console.redhat.com/api/compliance/v2/reports/8fa07cd2-e54a-43eb-8695-6466bbd437b5/test_results?limit=10&offset=0&filter=%28system_id%3Db63dfeb8-41dd-4e2d-8e11-64a095d9e39c%20AND%20failed_rule_severity%3C%3Eunknown%29' \
-H 'accept: application/vnd.api+json' | jq | head
{
"data": [
{
"id": "6b0066ef-8ab0-41f8-9466-a1ae3c71f58a",
"end_time": "2025-01-27T13:28:19.000Z",
"failed_rule_count": 101,
"supported": true,
"score": 79.273247,
"type": "test_result",
"display_name": "dhcp130-206.example.com",
-~~snip~~-

~~~

Based on the documentation, I don't believe this filter parameter is working as intended. Either the documentation is incorrect and should be fixed, or the filter option doesn't work and needs to be fixed. Also, if my understanding of this parameter is incorrect please let me know.

Assignee:: Unassigned

Reporter:: Taft Sanders

Votes:: 0 Vote for this issue

Watchers:: 9 Start watching this issue

Created:: 2025/05/28 3:21 PM

Updated:: 2025/10/07 1:24 PM

Details

Description

Attachments

Easy Agile Planning Poker

Activity

People

Dates

Hide