[Open-scap] Is there any easy way to output the value of the xccdf score from a scan?
Luther Goh Lu Feng
elfgoh at yahoo.com
Fri Apr 28 08:54:37 UTC 2017
Can I also double check that the below para's[1] note about plain text does not apply to reports?
<quote>Another useful features of oscap is the ability to generate SCAP content in a human-readable format. It allows you to transform an XML file into HTML or plain-text format. This feature is used to generate security guides and checklists, which serve as a source of information, as well as guidance for secure system configuration. The results of system scans can also be transformed to well-readable result reports.
</quote>
[1] https://static.open-scap.org/openscap-1.0/oscap_user_manual.html#_generating_reports_and_guides
On Friday, April 28, 2017 4:10 PM, Philippe Thierry <phil at reseau-libre.net> wrote:
Le 28/04/2017 à 09:53, Luther Goh Lu Feng a écrit :
> Currently, the html report from an xccdf scan has the value as attached. Is there any easy way to send this value to the shell when running oscap from the cli?
>
>
> --Luther
As far as I know, you should use the ARF format report for
postprocessing (using tools such as Foreman) to get back such value. The
report is for human information only. Using a shell script directly, you
have to parse the XML file.
I'm currently integrating openscap-daemon into Debian sid (it's in the
NEW queue by now, should be integrated in some days), which will help
you to schedule and store the results and reports for postprocessing,
which make it easier than shell-scripting.
If you want a complete integration, Scaptimony would help through
storing results in a database in a ROR ecosystem... Yet I didn't start
its packaging (well its ruby code... leave me some zen time first ;) )
--
Philippe.
_______________________________________________
Open-scap-list mailing list
Open-scap-list at redhat.com
https://www.redhat.com/mailman/listinfo/open-scap-list
More information about the Open-scap-list
mailing list