[Open-scap] oscap results stored in central database?
Jan Cerny
jcerny at redhat.com
Mon Feb 12 08:52:07 UTC 2018
Hi,
This idea is very interesting.
Unfortunately it is not likely that we in Red Hat work on this database,
because it will create a strong competition for Red Hat Satellite.
But we will be very happy to provide our support and knowledge
if there will be a project developed by community.
Regards
Jan Černý
Security Technologies | Red Hat, Inc.
----- Original Message -----
> From: "Šimon Lukašík" <slukasik at redhat.com>
> To: "Luke Salsich" <luke.salsich at gmail.com>
> Cc: "open-scap-list" <open-scap-list at redhat.com>
> Sent: Friday, February 2, 2018 9:21:31 PM
> Subject: Re: [Open-scap] oscap results stored in central database?
>
> On 02/02/2018 03:18 PM, Luke Salsich wrote:
> > Hi Simon,
> >
> > I am surprised that SCAPtimony did not get traction as well.
> >
> > when you say
> >
> > "To this day, I am surprised there is no lean and functional microservice
> > to store, query and postprocess SCAP results.
> > "
> >
> > What would you suggest? I ask because it seems like there is a
> > discussion about a lean microservice (to start with) and then a
> > discussion about a larger application or framework which can then make
> > use of the stored data. Personally, I don't think these two discussions
> > conflict. I think they are describing the first small step to a
> > microservice and then maybe to something larger after that.
> >
>
> When I said `that I am surprised that there is no lean and functional
> microservice to stre query and postprocess SCAP results` I was trying to
> imply that the task is really not that hard.
>
> Take SCAPtimony and you are pretty close. I think its about 1 month of
> fulltime developer time (assuming she really knows what she is doing and
> she can afford to not look at mails, ignore sprints, scrums, managers,
> re-orgs and other urgent non-important things).
>
> Cheers,
> ~š.
>
> > But I would be interested to hear your thoughts on this.
> >
> >
> >
> >
> > ---------------
> > Luke Salsich
> >
> > On Fri, Feb 2, 2018 at 8:21 AM, Šimon Lukašík <slukasik at redhat.com
> > <mailto:slukasik at redhat.com>> wrote:
> >
> > Hello,
> >
> > As original author of SCAPtimony, I feel urged to come in and say here
> > is my $0.02 coin.
> >
> > After spending some time on OpenSCAP development, I started wondering
> > where all the results of the scans go. I thought there has to be
> > immense
> > need to make sense of the data organizations have and make a use of it.
> > For instance scan-result-diff in Satellite 5 was highly regarded at the
> > time. The other idea was to waive certain rule on certain system. And
> > there were more ideas like that.
> >
> > Unfortunately, SCAPtimony project did not receive a traction I hoped
> > for. And hence the development stopped. Later on, Satellite 6 absorbed
> > SCAPtimony code, so community can no longer leverage what they did
> > since.
> >
> > To this day, I am surprised there is no lean and functional
> > microservice
> > to store, query and postprocess SCAP results. I am still ready, to make
> > the SCAPtimony fly, but I would need a funding.
> >
> > --
> >
> > The standardization was also mentioned in the thread, so let me share
> > my
> > view on that as well. I think the standardization is great in theory. I
> > was huge fun of standardizations after coming out from uni. However,
> > after few years I realized that it is extremely hard to write standards
> > that are comprehensive and usable at the same time.
> >
> > The way you can write good standard is to learn first. Let the
> > businesses or independent actors come up with few solutions, notice
> > similarities, standardize them. Let the businesses adopt that and
> > iterate again.
> >
> > To return back to the topic. Parsing XML to SQL models/tables is great
> > idea and many freshmen would certainly love to jump on it. My gut tells
> > me, however, this is not the best (or sensible) way. I sometimes
> > struggle to describe why my gut says what it says, but consider
> > following: If I were founding start-up on building SCAP database, I
> > would surely not be parsing entities to SQL for sure.
> >
> > Best,
> > ~š.
> >
> >
> >
> > On 01/31/2018 10:22 PM, Luke Salsich wrote:
> > > Hey all,
> > >
> > > I've been using OpenSCAP for a while on our servers and really
> > > appreciate what it does.
> > >
> > > I've been looking around for a way to store scan results and then
> > query
> > > them and I can't seem to locate any plugins or apps which do this
> > other
> > > than SCAPTimony.
> > >
> > > SCAPTimony sounds great, but I'm not sure it's currently
> > maintained and
> > > I don't really want to dive into Foreman just to store Oscap results.
> > >
> > > What does the community use for this kind of scan / report storing
> > > and
> > > querying?
> > >
> > > We're currently using Ansible AWX to run scans and to manage
> > > remediation. Love to find a way to pull that XML into a central
> > > database.......
> > >
> > > Thanks very much.
> > >
> > > ---------------
> > > Luke Salsich
> > >
> > >
> > > _______________________________________________
> > > Open-scap-list mailing list
> > > Open-scap-list at redhat.com <mailto:Open-scap-list at redhat.com>
> > > https://www.redhat.com/mailman/listinfo/open-scap-list
> > <https://www.redhat.com/mailman/listinfo/open-scap-list>
> > >
> >
> >
> > ~š.
> >
> >
>
>
> ~š.
>
> _______________________________________________
> Open-scap-list mailing list
> Open-scap-list at redhat.com
> https://www.redhat.com/mailman/listinfo/open-scap-list
More information about the Open-scap-list
mailing list