[Open-scap] oscap results stored in central database?

Luke Salsich luke.salsich at gmail.com
Fri Feb 2 14:18:22 UTC 2018


Hi Simon,

I am surprised that SCAPtimony did not get traction as well.

When you say

"To this day, I am surprised there is no lean and functional microservice
to store, query and postprocess SCAP results."

What would you suggest? I ask because it seems like there is a discussion
about a lean microservice (to start with) and then a discussion about a
larger application or framework which can then make use of the stored data.
Personally, I don't think these two discussions conflict. I think they are
describing the first small step to a microservice and then maybe to
something larger after that.

But I would be interested to hear your thoughts on this.




---------------
Luke Salsich

On Fri, Feb 2, 2018 at 8:21 AM, Šimon Lukašík <slukasik at redhat.com> wrote:

> Hello,
>
> As original author of SCAPtimony, I feel urged to come in and say here
> is my $0.02 coin.
>
> After spending some time on OpenSCAP development, I started wondering
> where all the results of the scans go. I thought there has to be an immense
> need to make sense of the data organizations have and make use of it.
> For instance, scan-result-diff in Satellite 5 was highly regarded at the
> time. The other idea was to waive a certain rule on a certain system. And
> there were more ideas like that.
>
> Unfortunately, the SCAPtimony project did not receive the traction I hoped
> for. And hence the development stopped. Later on, Satellite 6 absorbed
> SCAPtimony code, so the community can no longer leverage what they did since.
>
> To this day, I am surprised there is no lean and functional microservice
> to store, query and postprocess SCAP results. I am still ready to make
> SCAPtimony fly, but I would need funding.
>
> --
>
> The standardization was also mentioned in the thread, so let me share my
> view on that as well. I think the standardization is great in theory. I
> was a huge fan of standardization after coming out of uni. However,
> after a few years I realized that it is extremely hard to write standards
> that are comprehensive and usable at the same time.
>
> The way you can write a good standard is to learn first. Let the
> businesses or independent actors come up with a few solutions, notice
> similarities, standardize them. Let the businesses adopt that and
> iterate again.
>
> To return to the topic: parsing XML to SQL models/tables is a great
> idea and many freshmen would certainly love to jump on it. My gut tells
> me, however, this is not the best (or sensible) way. I sometimes
> struggle to describe why my gut says what it says, but consider the
> following: If I were founding a start-up building a SCAP database, I
> would surely not be parsing entities to SQL for sure.
>
> Best,
> ~š.
>
>
>
> On 01/31/2018 10:22 PM, Luke Salsich wrote:
> > Hey all,
> >
> > I've been using OpenSCAP for a while on our servers and really
> > appreciate what it does.
> >
> > I've been looking around for a way to store scan results and then query
> > them and I can't seem to locate any plugins or apps which do this other
> > than SCAPTimony.
> >
> > SCAPTimony sounds great, but I'm not sure it's currently maintained and
> > I don't really want to dive into Foreman just to store Oscap results.
> >
> > What does the community use for this kind of scan / report storing and
> > querying?
> >
> > We're currently using Ansible AWX to run scans and to manage
> > remediation. Love to find a way to pull that XML into a central
> > database.......
> >
> > Thanks very much.
> >
> > ---------------
> > Luke Salsich
> >
> >
>
>
> ~š.
>