Sent Reports Dashboard

The Sent Reports Dashboard provides comprehensive monitoring and management of vulnerability scan reports.

Overview

Access the dashboard at /reports/sent (admin only).

The dashboard displays all sent vulnerability scan reports with access statistics, retention tracking, and action alerts.

Dashboard Features

Report List Columns

Column

Description

Report ID

Unique identifier for the scan

Institution

Organization name

Scan Date

When the scan was performed

Status

Current report status (Active/Not Accessed/Expired)

Access Count

Number of times the report was accessed

First Access

Timestamp of first access

Last Access

Timestamp of most recent access

Retention Remaining

Time until report expires

Actions

Send notification button

Status Indicators

Reports are color-coded by status:

Status

Color

Description

Active

Green

Report has been accessed and retention period is active

Not Accessed

Yellow

Report has not been accessed yet

Expired

Red

Retention period has expired (24 hours after last access)

Alert Types

Action Required (Orange)

Displayed when a scan contains unmanaged IP addresses.

  • Orange warning icon

  • “Action Required” chip

  • Shows count of unmanaged IPs

  • Tooltip lists specific unmanaged IPs

Resolution: Assign Contact Persons to the unmanaged IPs.

Alert (Red)

Displayed when a report has not been accessed within 72 hours of creation.

  • Red alert icon

  • Report row highlighted in red

Resolution: Send notification to responsible parties.

Retention Policy

Reports follow a 24-hour retention policy after first access:

  1. Report is created and sent

  2. First access starts the 24-hour countdown

  3. Each subsequent access resets the timer

  4. After 24 hours of inactivity, report expires

Note

The retention timer is based on the last access time, not the first access.

Sending Notifications

Manual Notification

To send notifications for a specific report:

  1. Locate the report in the dashboard

  2. Click the “Send” button in the Actions column

  3. Wait for the notification process to complete

  4. Review the results dialog

Notification Results

After sending, a dialog displays:

  • Success count: Number of notifications sent successfully

  • Total hosts: Total number of hosts in the scan

  • Errors: List of any failures (e.g., missing contact persons)

Example:

Notifications sent: 8 / 10

Errors:
• No contact person found for IP: 192.168.1.50
• No contact person found for IP: 10.0.0.100

Troubleshooting Failed Notifications

Common issues:

  1. No contact person found

    • Cause: IP address has no assigned Contact Person

    • Solution: Add the IP to a Contact Person in /manage/contact-persons

  2. Invalid email address

    • Cause: Contact Person has no email or invalid email

    • Solution: Update the Contact Person’s email address

  3. Email sending failure

    • Cause: SMTP server issue

    • Solution: Check email configuration and server logs

Auto-Refresh

The dashboard automatically refreshes every 30 seconds to show:

  • New access events

  • Updated retention times

  • Status changes

Tip

The refresh is automatic - no need to manually reload the page.

API Endpoints

GET /dashboard/sent-reports

Get enhanced dashboard data for sent reports.

Authentication: Admin required

Response:

{
  "items": [
    {
      "scan_id": 1,
      "report_id": "2025-11-19_Demo_Corp_External_Scan",
      "scan_date": "2025-11-19T10:00:00",
      "institution_name": "Demo Corp",
      "file_hash": "a1b2c3d4e5f67890",
      "access_count": 5,
      "first_access": "2025-11-19T14:30:00",
      "last_access": "2025-11-20T09:15:00",
      "retention_remaining_seconds": 45000,
      "status": "active",
      "alert": false,
      "action_required": false,
      "unmanaged_ips": [],
      "total_ips": 10
    }
  ],
  "total": 1,
  "alerted": 0,
  "action_required": 0
}
POST /reports/send-notifications/{scan_id}

Send vulnerability notifications for a specific scan.

Authentication: Admin required

Parameters:

  • scan_id – The scan ID

Response:

{
  "message": "Notifications sent",
  "notifications_sent": 8,
  "total_hosts": 10,
  "errors": [
    "No contact person found for IP: 192.168.1.50",
    "No contact person found for IP: 10.0.0.100"
  ]
}

Best Practices

For Administrators

  1. Monitor action-required items daily - Assign Contact Persons to unmanaged IPs promptly

  2. Review alerts regularly - Investigate why reports aren’t being accessed

  3. Maintain Contact Person database - Keep IP assignments up to date

  4. Track retention expirations - Note which reports are expiring soon

For Report Recipients

  1. Access reports promptly - Avoid triggering 72-hour alerts

  2. Keep contact information current - Update your email if it changes

  3. Understand retention policy - Reports expire 24 hours after last access

  4. Download critical reports - Save important reports for long-term storage

Troubleshooting

Dashboard Not Loading

Issue: Dashboard shows loading spinner indefinitely

Solutions:

  1. Check browser console for errors

  2. Verify backend is running: docker logs vulnerability-scanner-backend-1

  3. Check network connectivity

  4. Clear browser cache and reload

Reports Not Appearing

Issue: Expected reports don’t show in dashboard

Possible causes:

  1. Missing file_hash: Reports without file_hash are filtered out

  2. Database query issue: Check backend logs

  3. Permission issue: Ensure you’re logged in as admin

Solution: Verify in database:

SELECT report_id, file_hash FROM scans WHERE file_hash IS NULL;

Incorrect Retention Times

Issue: Retention times don’t match expectations

Causes:

  1. Server time mismatch: Check Docker container time

  2. Timezone issues: Ensure UTC is used consistently

  3. Last access not updating: Check access log creation

Solution: Verify access logs:

SELECT scan_id, MAX(accessed_at) as last_access
FROM report_access_logs
GROUP BY scan_id;