Scheduled Reports
A schedule turns a one-off report into a recurring artifact. Each schedule references a template (framework pack or custom), a scope, a period definition, and a delivery list, and runs automatically at the chosen recurrence.
Recurrence
HarborGuard schedules are defined by a recurrence label, not a free-form cron expression. Supported values:
| Value | Cadence |
|---|---|
daily | Every 24 hours |
weekly | Every 7 days |
monthly | Every 30 days |
quarterly | Every 90 days |
annually | Every 365 days |
The nextRunAt timestamp is recomputed after each successful run.
Period
A schedule's period controls the data window that each generated report covers:
{ "type": "rolling", "days": 30 }— the last N days at the time of generation.{ "type": "fixed", "start": "2026-01-01", "end": "2026-03-31" }— a fixed window every report uses (typical for quarterly compliance reports).
Delivery
Compliance reports are delivered to email recipients. Each schedule's delivery.emails is a list of addresses that receive the rendered report when generation completes.
For ad-hoc, non-compliance alerts (such as sla_breach or control_failed events) the platform also supports Slack, PagerDuty, and HMAC-signed webhook channels — those are configured separately under Notifications and routed via the compliance policy's notifications section.
Creating a schedule
POST /api/report-schedules requires the admin role.
Managing schedules
| Action | Endpoint |
|---|---|
| List | GET /api/report-schedules |
| Update | PATCH /api/report-schedules/{scheduleId} |
| Pause / resume | PATCH /api/report-schedules/{scheduleId} with { "paused": true } |
| Delete | DELETE /api/report-schedules/{scheduleId} |
Each schedule's detail view shows lastRunAt, the artifact ID of the most recent run, and the computed nextRunAt.
See also
- Report Builder — what's in a scheduled report
- Notifications: Channels — routing scheduled deliveries
- Compliance Packs — typical scheduling targets