DNA Query is a tool to generate a high-level summary report containing key data from one or more CyberArk DNA scans conducted for a customer. In addition, it also tries to highlight areas of best practice which should be implemented as part of any project to improve privileged account security within an organisation.
At present only scan data generated by DNA v8.0 and above are supported by this tool. DNA reports from older versions may work, but there are no guarantees. Support is not offered for older DNA reports, so beware.
- You must have internet access. DNAQuery uses the Google Charts library which is only available via the web. If you do not have internet access when you run DNAQuery, charts may not display correctly if at all.
- Google Chrome must be installed, and chrome.exe must exist in the location %LOCALAPPDATA%\Google\Chrome\Application\chrome.exe
- Microsoft Excel 2010 or higher must be installed
- If you are using a language other than English, install the Multilingual User Interface Pack for your version of Office.
- Make a copy of "env.ps1.example" and rename it to "env.ps1"
- Edit "env.ps1" and enter your details, and those of the client you are preparing the report for. Make sure the input location for the DNA reports is correctly specified.
When you have completed the configuration process:
- Run DNAQuery:
- browse to the folder containing the DNA Query tool
- right click v2-dnaquery.ps1 and select 'Run with Powershell'
- the script will open and run in a new PowerShell instance
- NOTE: do not run the script from within an existing PowerShell instance. SQLite is very finicky with regard to file paths and these can be broken if the script is not run as described.
- The script may take anywhere from 30 seconds to 60 minutes to complete, depending on the size of the DNA results files.
- Upon completion, the script will notify the user that the report building process has been completed.
- The PDF version of the report does not include the first chart in the Overall Account Health - Compliant And Non-Compliant Accounts. Workaround: open the HTML report and manually print from the browser.
- The path for the Chrome browser executable should be auto-discovered but this does not always work depending on the type of Chrome installation.