Enterprise environments continuously generate security, traffic, health-check, WAAP attack and administrator action data. Turning that data into an audit document, executive presentation or customer report is, in most cases, still a manual process. The operations team exports the data, cleans the table, builds charts, adds the company logo and converts everything to PDF. Each repetition compounds both time loss and the risk of human error.
The problem is more acute in compliance reporting. Monthly, quarterly or annual reports must be produced in the same format, with the same metrics and in a verifiable way. If a report's date range, chart axis, logo, table or text format changes, audit consistency is compromised. The production standard matters as much as the content itself.
Different stakeholders need different outputs. The CISO and management want a PDF summary; the operations team wants a filterable XLSX table. The customer success team wants a branded report; the SOC team wants an incident list and attack distribution. A single raw log export satisfies none of these needs fully.
Report language and appearance are also operational requirements. A local customer may need a report in their language, an international auditor may need English, an inspector may need a more formal format and the operations team may need more technical output. Managing that variety by manually copying templates is not sustainable.
TR7 Advanced PDF Reporting converts reporting into a repeatable platform function: template-based PDF/XLSX generation, brand templates, chart helpers, multi-language support and a controlled render pipeline for long-running reports.
TR7 treats reporting not as raw data export but as a production pipeline in which template, chart, brand and output format work together.
PDF output is rendered from an HTML/CSS template. Report details such as A4 page layout, header/footer, page breaks and visual alignment are managed inside the template.
Reports are stored in category-based template directories. Each template is managed with its own configuration, HTML content and helper functions.
PDF is the right format for executive and compliance reports; XLSX is used for detailed tables, filtering and operations analysis. The same data can be delivered in different formats to different stakeholders.
Chart helpers, color palettes and country-map components turn metrics inside the report into visual narratives. Attack distribution, time series, capacity trends and geographic density can all appear in a single template.
Advanced PDF Reporting combines PDF/XLSX generation, template helpers, a chart engine, brand assets and multi-language support in a single reporting infrastructure.
PDF generation starts from HTML/CSS content and uses the Chrome render engine to ensure visual consistency. A4 page layout, table breaks, page-end control, header/footer and brand areas are all managed inside the template. This approach means the report renders into PDF in a form that closely matches the browser-rendered design. Executive reports and audit outputs look more professional as a result.
PDF excels at readable and presentable reports, but operations teams typically need tables they can filter and process further. XLSX output is produced by converting an HTML table to Excel format. Capacity trends, health-check events, WAAP incident lists or service statuses can all be examined inside Excel. The same underlying data is therefore adapted to both management and operations formats.
Dynamic data binding inside templates is handled by EJS. Report data can be pushed into headings, tables, charts, summary text and conditional content sections. The same template can be regenerated with different date ranges, customer names, services or vTenant data. This structure removes reports from the category of manual copy-paste work.
TR7's reporting structure is organized around report-pdf, report-xlsx and waf-pdf as the main template families. The PDF family handles general reports, the XLSX family handles table-focused operations output and the WAAP-PDF family handles security and attack reports. Legacy template families can be retained. This separation makes report maintenance and version management more orderly.
Each template can include its own helper functions. Date formatting, metric conversion, table grouping, color selection or chart data preparation are kept in template-specific helpers. This preserves the shared render engine while allowing each report family to carry its own logic. The report template and report behavior are versioned together.
Reports can use logos, icons, style files, custom visuals or brand assets. The assets structure ensures the report is generated in line with the customer or organization identity. This is especially important in customer reports, audit outputs and executive presentations. The report output looks like a corporate document rather than a raw system screen.
Chart configuration and helper components are used to turn report data into charts. Attack count over time, service health, capacity trends or category distribution can all be presented visually. Charts allow the report reader to grasp the overall state without looking at a raw table. This is especially valuable in executive summaries.
Color management and palette helpers ensure charts and report components appear consistently. The same category can be shown with the same color logic in every report. This improves comparability across periodic reports. Using colors aligned with the brand template also makes the report look professional.
svgMap-based geographic visualization adds attack, access or incident distribution at the country level to reports. WAAP attack reports can show visually which countries generate heavy traffic. This helps SOC and management teams understand the threat geography quickly. Table and map together produce stronger evidence.
With a language library and translation helpers, report text can be generated in different languages. A report in the local language can be prepared for domestic customers and an English report for international auditors. This approach makes it easy to produce different-language output from the same data. The need for manual translation when sending reports to external stakeholders is reduced.
PDF/XLSX reporting is operated together with the template directory, render call, CLI usage, Chrome parameters, timeout configuration and example data structures.
Report templates are stored under `tr7-server/jsreport/templates/{templateName}/`. Each template is managed in its own directory. This structure makes it easy to version and maintain individual report types independently.
Each template consists of `config.json`, `content.html` and `helpers.js`. config carries render settings, content carries the report HTML, and helpers carries template-specific JavaScript utilities. This separation improves template readability.
The render flow uses template configuration, HTML content, helper functions and a data object together. Source data is passed to the report as `data` and processed inside the template. The same template can be regenerated with different data sets.
Report generation can be triggered from the command line by providing a template name and source data path. If no output path is specified, a timestamped temporary output is produced. This model is useful for ad-hoc report generation and automation scenarios.
PDF rendering can be run with Chrome parameters such as no-sandbox and disable-extensions. These parameters provide more controlled render behavior in server environments. Security and isolation requirements in the operations environment should be evaluated separately.
Large data sets and visually rich reports may require longer render time. The render timeout can be configured at the one-hour level. This helps prevent large WAAP or compliance reports from being cut short mid-render.
The security team can produce a quarterly compliance report as a branded PDF. The report can include summary metrics, charts, audit findings and a signature field. A repeatable, standard output is delivered to the CISO and auditors.
With the waf-pdf template family, attack types, country distribution, the most-targeted paths and top source IPs can be reported. Chart and map support makes incidents easier to understand. The SOC team can present monthly trends to management.
The operations team can receive capacity trends, health-check changes and backend downtime events in XLSX format. Filtering, sorting and additional analysis can be done in Excel. This output is more workable for technical teams than a PDF.
A managed service provider can produce a security report with a customer-specific logo, color scheme and table layout. WAAP events, access trends and risk summaries are presented in a single PDF. The report serves as an audit-ready document for the customer's review process.
Generate compliance, security and operations reports as branded PDF or XLSX. Let's walk through a live setup in your own environment.