[Spacewalk-list] solved: anyone tried to setup a schedule for oscap audit?
Aaron Prayther
aprayther at lce.com
Mon Nov 4 15:04:35 UTC 2013
[root at naan ~]# cat oscap.py
#!/usr/bin/python
import xmlrpclib
client = xmlrpclib.ServerProxy('https://192.168.1.253/rpc/api')
key = client.auth.login('admin', 'passwd')
client.system.scap.scheduleXccdfScan(key, 1000010007,
'/root/U_RedHat_5-V1R4_STIG_Benchmark-xccdf.xml',
'--profile MAC-3_Classified')
[root at naan ~]# rhn_check
set the above script as a cron job and you can get a report generated anytime you want. view audit in spacewalk/satellite.
this script came from https://access.redhat.com/site/documentation/en-US/Red_Hat_Network_Satellite/5.5/html/User_Guide/sect-Red_Hat_Network_Satellite-User_Guide-OpenSCAP-OpenSCAP_in_RHN_Satellite.html
Explanation from same redhat document:
Where:
*
1000010001 is the system ID (sid).
*
/usr/local/share/scap/usgcb-rhel5desktop-xccdf.xml is the path parameter that points to the content location on the client system. In this case, it assumes USGSB content in the /usr/local/share/scap directory.
*
--profile united_states_government_configuration_baseline represents the additional argument for the oscap tool. In this case, it is using the USCFGB.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/spacewalk-list/attachments/20131104/1973bac9/attachment.htm>
More information about the Spacewalk-list
mailing list