ESLZ
Understanding ESLZ Results
How to read passed, failed, partial, and not-verified ESLZ results without over-trusting them.
What this page is for
This page explains how to interpret ESLZ results safely and why the evidence state matters.
When to use it
Read this when:
- you are looking at the ESLZ tab or report section
- you need to explain what
partialornot verifiedmeans - you want to avoid over-reading green and red states
How to read the result states
Passed
Hygiara found enough evidence to say the expected control or pattern is in place.
Failed
Hygiara found enough evidence to say the expected control or pattern is missing or inconsistent.
Partial
The expected pattern exists in some places but not across the whole in-scope estate.
Not verified
The scan could not prove the state of the check with the visibility or permissions available.
What this means in practice
Not verified is intentionally not a pass. It is the product saying it does not have enough evidence to make a trustworthy call.
What to expect
ESLZ is most useful when you read it as architectural signal, not as a simple compliance scoreboard.
Common mistakes
- treating
not verifiedas if it were effectively green - treating
partialas a vague status instead of an estate-consistency problem - assuming pillar totals tell the full story without reading the type of failures underneath them