A User Guide to Reports in Sonatype CLM
When businesses implement Sonatype CLM for the first time, they often rely heavily on looking over each individual application composition report. However, as your implementation of Sonatype CLM grows, even if just to a few dozen applications, you will discover that you start to compare the health of each of these applications to the others. It soon becomes very important to pick out the worst issues, those posing the greatest risk, and triage them first.
While this can be done by closely reviewing each report, and creating plans to address issues, there is an easier and more direct way to identify those issues which your team should be focusing on. This is done with the Sonatype CLM Trending Report. This report gathers data from every report that has been produced, for every application that Sonatype CLM is tracking. It then provides a range of data, including:
- Applications and components representing the greatest risk.
- Policy violations broken down by type: Security, License, Quality and Others.
- Violation count changes and resulting trends over time.
This chapter will address how to access and run the trending report, as well as the major concepts mentioned above. In addition, it will break down each area of the Sonatype CLM Trending Report, to help you better understand the health of your applications, not just one at a time, but as they compare to all applications you monitor.