Viewing results in evidence finder

After your search is finished, you can view the results that matched your search criteria.

Keep in mind that multiple resources might be assessed during evidence collection. As a result, evidence can include one or more related resources. In evidence finder, results are shown at the resource level, with one row for each resource. You can preview a summary of each resource without leaving the page.

After you review the search results, you can generate an assessment report that includes that evidence.

Important

We recommend that you keep evidence finder open until you finished exploring your search results. Your search results are discarded when you navigate away from the View Results table. If needed, you can view your recent results in the CloudTrail console at https://console.aws.amazon.com/cloudtrail/. Here, the results of your search queries are preserved for seven days. However, keep in mind that you can't generate an assessment report from your search results in the CloudTrail console.

Viewing the grouped results

If you grouped your results, you can review the groupings before you dive deeper into the evidence.

Note

If you didn't group results, evidence finder doesn’t display the Group by results table. Instead, you're taken directly to the View results table.

Use the Group by results table to learn the breadth of the matching evidence and how it's distributed across a specific dimension. Results are grouped by the value that you selected. For example, if you grouped by Resource type, the table shows a list of AWS resource types. The Total evidence column shows the number of matching results for each resource type.

To get the results for a group

1. From the Group by results table, select the row for the results that you want to get.

2. Choose Get results. This starts a new search query, and redirects you to the View results table where you can see the results for that group.

Viewing the search results

The View results table displays your search results. From here, you can take the following actions:

• Manage your viewing preferences

• Preview resource summaries

• Generate an assessment report from your search results

Manage your viewing preferences

Your viewing preferences control what you see on the results page.

To manage your viewing preferences

1. Choose the settings icon at the top of the View results table.

   

2. Review and change the following settings as needed:

   1. Select visible table columns – Use the toggle option to change which columns are displayed.

   2. Page size – Select a radio button to specify how many results are shown on each page.

   3. Wrap text – Select the check box to wrap long lines of text for better readability.

3. Choose Confirm to save your preferences.

Preview resource summaries

Before you generate an assessment report, you can preview the related resources for the evidence that matched your search query. This helps you determine if the search query returned the intended results, or if you need to adjust your filters and re-run the search query.

Keep in mind that evidence can have one or more related resources. Evidence finder shows results at the resource level (with one row for each resource).

To preview resource summaries

1. Select the radio button next to a result. This opens a resource summary panel on the current page.

2. (Optional) To see the full details of the related evidence, choose the evidence name.

3. (Optional) Use the horizontal lines (=) to drag and resize the resource summary pane.

4. Choose (x) to close the resource summary pane.

Generate an assessment report from your search results

After you're satisfied with the search results, generate an assessment report.

Note

• Audit Manager generates a one-time report using only the evidence from the search results. This report doesn't include any evidence that was manually added to a report from the assessment page.

• Limits apply to how much evidence can be included in an assessment report. For more information, see Troubleshooting evidence finder.

To generate an assessment report from your search results

1. At the top of the View results table, choose Generate assessment report.

2. Enter a name and a description for your assessment report, and review the assessment report details.

3. Choose Generate assessment report.

4. Wait a few minutes while your assessment report is generated. A green success message confirms when the report is ready.

5. Go to the Assessment reports page of the Audit Manager console to find and download your assessment report.