Viewing the Performance Analytics for Configuration Compliance dashboard

  • Release version: Yokohama
  • Updated January 30, 2025
  • 9 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Viewing the Performance Analytics for Configuration Compliance dashboard

    The Configuration Compliance Performance Analytics (PA) dashboard enables ServiceNow customers to efficiently manage and remediate key configuration issues by providing detailed visual reports. With this dashboard, users can analyze compliance trends, remediation progress, approval statuses, and other critical metrics related to configuration compliance.

    Show full answer Show less

    Note that from version 14.9 onward, terminology changes include renaming "Test Result Group" to "Remediation Task Group" and "Rules" to "Remediation Task Rules," among others. Also, the dashboard is accessible in both the classic and Next Experience UIs, with some functional differences depending on the ServiceNow release.

    Required Roles

    • admin: Installs and activates the Performance Analytics for Configuration Compliance, manages system properties.
    • paadmin: Creates and manages background jobs, indicators, breakdowns, widgets, dashboards, and starts data collection.
    • snvulc.read: Allows read-only access to review dashboard data.

    Accessing the Dashboard

    Navigate to All > Configuration Compliance > Overview to open the dashboard. In the Next Experience UI (available from v14.9), access it via Workspaces > Vulnerability Manager Workspace, then select Dashboards. Role-based default dashboards display, with options to select others via dropdown.

    Dashboard Tabs and Features

    • Overview Tab: Offers five main filters—Asset category, Cloud resource type, Cloud service provider, Cloud account, and Cloud region—to customize the data displayed. Widgets update dynamically based on filters. Users can drill down to KPI Details for advanced analysis like comparing records, changing chart types, date ranges, trends, and applying extra filters.
    • Compliance Tab: Shows compliance percentages against authoritative sources such as HIPAA and DISA, with options to filter by category.
    • Remediation Tab: Visualizes remediation progress and hygiene of misconfiguration tasks.
    • Approvals Tab: Displays exception request statuses and approval information.

    Breakdowns and Filters

    Indicators use various breakdowns such as Deferred Reason, Age, Assignment group, Remediation status, Risk rating, Asset category, Host tag, Cloud service details, and Configuration test. Customizing Age and Age closed calculations can significantly impact PA reports.

    The Overview tab filters allow selection of multiple options for asset and cloud-related categories to tailor the displayed data. Each widget reflects applied filters and adjusts reports accordingly.

    Key Data Visualizations

    Overview Tab Visualizations include compliance trends, remediation task counts, critical remediation tasks nearing due dates, test results categorized by risk rating and age, closed test results, and overdue critical test results by assignment group or services.

    Remediation Tab Visualizations present remediation tasks by risk rating, remediation target status, assignment group breakdowns, overdue critical remediation tasks, expiring remediation tasks, and critical exceptions.

    Approvals Tab Visualizations focus on exception requests pending approval, reasons for approvals, approval status breakdowns, expiring exception requests, and status summaries of requests created by the user.

    Practical Benefits for ServiceNow Customers

    • Quickly identify and prioritize configuration compliance issues with risk-based insights.
    • Monitor remediation task progress to ensure timely resolution of vulnerabilities.
    • Track exception requests and approvals to maintain governance and audit readiness.
    • Customize views and filters to focus on relevant assets, cloud environments, or compliance frameworks.
    • Leverage detailed analytics to support continuous improvements in compliance posture.

    You can manage your most important configuration issues and remediate them quickly by viewing the reports on the Configuration Compliance Performance Analytics (PA) dashboard.

    Note:
    Starting with v14.9 of Configuration Compliance, the following terms have been renamed:
    Table 1. Changes in terminology
    Terminology prior to v14.9 Terminology v14.9 onwards
    Test Result Group Remediation Task
    Group Rules Remediation Task Rules
    Policy Test group

    Required ServiceNow AI Platform roles

    The following roles are required for the Configuration Compliance Performance Analytics dashboard:

    • admin: An admin can install and activate the Performance Analytics for Configuration Compliance and make changes to the system properties.
    • pa_admin: A performance analytics administrator can create and review the background jobs, indicators, breakdowns, widgets, and dashboards. This admin can also set up and start the data collection.
    • sn_vulc.read: A user with the read role can review the dashboard data.

    Access the Configuration Compliance dashboard

    To open the dashboard, navigate to All > Configuration Compliance > Overview.

    Important:
    Starting with version 14.9 of Configuration Compliance, this dashboard can also be viewed in the Next Experience UI. To view the dashboard in the new UI, navigate to Workspaces > Vulnerability Manager Workspace and click the Dashboards icon. Depending on your role, the default dashboard is displayed. To view other dashboards, click the drop-down next to the dashboard name. For more information, see the Dashboards in the Vulnerability Manager Workspace and Dashboards in the IT Remediation Workspace.
    Note:
    If you are on Tokyo, you can view the dashboards in the Next Experience UI but with some functional loss.

    Configuration Compliance [PA] dashboard tabs

    Figure 1. Overview tab
    The Overview tab provides five filters. These filters are the Asset category, Cloud resource type, Cloud service provider, Cloud account, and Cloud region, which you can apply to visualize the reports for the filters applied. If you select a category and apply the changes, all the widgets that support the category get refreshed. Each widget displays the applied filter at the bottom and the number of filters applied on the filter icon of the widget. Click the report in a widget to view the additional information on the KPI Details tab. On the KPI Details tab, you can:
    • Show the records.
    • Compare the records.
    • Change the chart type.
    • Select the date range.
    • View the trends that are based on the duration.
    • Apply the additional filters including the filters that are unavailable on the Overview tab. An example is the Host tag.

    The following example shows how you can apply the filters in the Overview tab and perform the actions in the KPI Details tab.

    Figure 2. Compliance tab

    The Compliance tab displays the compliance percentage for the various authoritative sources, such as the Health Insurance Portability and Accountability Act (HIPAA) and the Data Interchange Standards Association (DISA). You can refine this list by using the column header filters and selecting a category.

    The following example shows how you can filter the data in the Compliance tab.

    Figure 3. Remediation tab

    The Remediation tab displays the information about the progress of how remediation is going. You can use this tab to see into the misconfiguration remediation hygiene.

    The following example shows the Remediation tab.

    Remediation tab
    Figure 4. Approvals tab

    The reports on the Approvals tab display the information about the exception requests and their approval status.

    The following example shows the Approvals tab.

    Approvals tab

    Breakdowns

    The breakdowns that are used by the indicators are as follows:
    • Deferred Reason
    • Age
    • Assignment group
    • Remediation status
    • Result
    • Risk rating
    • Asset category
    • Host tag
    • Configuration test
    • Cloud service provider
    • Cloud region
    • Cloud account
    • Cloud resource type
    Note:
    Customizing the Age and Age closed calculation for test results may lead to a sharp rise or drop in the Performance Analytics (PA) reports that include these metrics. For more information on how to customize the calculation of Age and Age closed for test results, see the KB1703270 KB article.

    Filters

    In the Overview tab, you can apply the following filters to the widgets to visualize the filtered data.

    Name Type Description

    Asset category

    Choice

    Type of asset.

    The four options are:
    • Cloud
    • Container
    • Infra
    • OT
    Cloud resource type

    Choice

    Type of resource. An example is a virtual machine.

    The data in the filter is filled in when you run the integration.
    Cloud service provider

    Choice

    Service provider for the cloud.

    The three options are:
    • Amazon Web Services (AWS
    • Microsoft Azure
    • Google Cloud Platform (GCP)
    Cloud account

    Choice

    		 Account ID that is created when an account is created in a cloud service. For example, AWS. The account ID data is filled into the filter when you run the integration.
    Cloud region

    Choice

    		 Location where the resource is hosted.
    Note:
    You can select multiple options from the filters and select Apply. Each widget shows the filters that are applied and the filters that aren’t applied. Depending on the data available, the report is generated. The widget also shows the count of the filter that is supported.

    Data visualizations

    Table 2. Overview tab visualizations
    Report name Type Source table Description

    Compliance Trend

    		 Line chart

    Line chart that shows the compliance trend.

    		 Test Results
    Information about the compliance trend:
    • Resources: Total number of resources that are available in the system.
    • Fail: Number of resources with at least one failed test result.
    • Pass: Number of resources with all the test results in the passed state.
    Remediation Task

    Single score

    Single score that shows the test result group.    		 Test Results Number of remediation tasks, which are present in the system and are in an active state.
    Critical remediation tasks near due

    Single score

    Single score that shows the critical remediation tasks that are approaching the target.    		 Test Results Number of remediation tasks where the risk rating is "critical" and the remediation status is "approaching target."
    Test results by risk rating

    Bar

    Bar that shows the test results by the risk rating.    		 Test Results Test results in the failed state, which are grouped according to the risk rating.
    Test results by age

    Bar

    Bar that shows the test results by age.    		 Test Results Test results in the failed state, which are grouped according to when the test results were created.
    Note:
    Customizing the Age and Age closed calculation for test results may lead to a sharp rise or drop in the Performance Analytics (PA) reports that include these metrics. For more information on how to customize the calculation of Age and Age closed for test results, see the KB1703270 KB article.
    Closed test results by remediation target adherence

    Bar

    Bar that shows the closed test results by the remediation target adherence.    		 Test Results Test results in the passed state, which indicates that this test is closed.
    Overdue critical test results by assignment group

    List and Score

    List and score that show the overdue critical test results by the assignment group.    		 Test Results Number of test results where the risk rating is "critical" and the remediation status is "target missed". The report indicates that the test results are in an Open state. If the test results cross the remediation target date, it’s considered as overdue.
    Overdue test results- services

    List, Score, and Trend

    List and score that show the overdue test results-services. Trend of the overdue test results-services.    		 PA dashboards database view for Services Number of test results for services where the remediation status is "target missed". This report also displays the name of the services or departments with the highest test results.
    Overdue test results- service owners

    List, Score, and Trend

    List and score that show the Overdue test results-service owners. Trend of the overdue test results-service owners.    		 PA dashboards database view for Services Number of test results for service owners whose remediation status is "target missed". This report also displays the name of the services or departments with the highest test results.
    Table 3. Remediation tab visualizations
    Title Type Source table Description
    Remediation task by risk rating Bar

    Bar chart that shows the remediation task by the risk rating.

    		 Remediation task Breakdown of the risk ratings of all the test results groups that are in the active state.
    Remediation task by remediation target status

    Bar

    Bar chart that shows the remediation task by the remediation target status.    		 Remediation task Breakdown of the remediation targets of all the test results groups that missed the target, have no target, and are approaching the target.
    Remediation task by assignment group

    List, Score, and Trend

    List and score that show the remediation task by the assignment group. Trend of the remediation task by the assignment group.    		 Remediation task Breakdown of the remediation tasks that are based on an assignment group.
    Overdue critical remediation task by assignment group

    List, Score, and Trend

    List and score that show the overdue critical remediation task by the assignment group. Trend of the overdue critical remediation task by the assignment group.    		 Remediation task Breakdown of the remediation tasks that are based on an assignment group. These remediation tasks have a risk rating as "critical", and their remediation target hasn’t been met.
    Expiring remediation task by age

    Bar

    Bar chart that shows the expiring remediation task by age.    		 Remediation Task Remediation tasks that are going to expire within a certain duration. A maximum of 10 duration buckets can be created.
    All pending exception requests grouped by reason

    Bar

    Bar chart that shows all pending exception requests that are grouped by reason    		 State change approval State change approval requests that are grouped by the reason for the exception.
    Critical exceptions on test results by assignment group

    List, Score, and Trend

    List and score that show the critical exceptions on the test results by the assignment group. Trend of the critical exceptions on the test results by the assignment group.    		 Test Results Test results that are in a deferred and critical state and are grouped based on the assignment group.
    Table 4. Approvals tab visualizations
    Reports Type Source table Description
    Exception requests by age pending my approval Bar

    Bar chart that shows the exception requests by age pending my approval.

    		 Approval Exception requests that are created by you and that are pending approval. The requests are grouped according to the duration of the request.
    Approval requests by reason

    Bar

    Bar chart that shows the approval requests by reason.    		 State change approval State change approval requests for creating an exception and include the reason for the exception.
    Remediation tasks having approval request by risk rating

    Bar

    Bar chart that shows the remediation tasks that have an approval request by risk rating.    		 Remediation task Remediation tasks that have an approval request that is based on the criticality.
    My approval requests by approved and rejected status

    Bar

    Bar chart that shows my approval requests by the approved and rejected status.    		 State change approval Exception requests that are grouped by the approved and rejected statuses.
    Expiring exception requests by me by age

    Bar

    Bar chart that shows the expiring exception requests by me by age.    		 State change approval Exception requests that are going to expire in the coming weeks. The exception requests are grouped based on weeks.

    Whenever an exception request is created, a date is selected for the validity of the exception request. The calculation for the age of the request is based on this date.
    Status of exception requests requested by me

    Bar

    Bar chart that shows the status of the exception requests requested by me.    		 State change approval Exception requests that are created by you and that are grouped according to the following statuses:
    • In review
    • Approved
    • Rejected