Martin, What tools are needed to do the waiver processing?
Can you outline your thoughts? I’m up for helping. Greg Elin Founder, GovReady PBC m: 917-304-3488 e: grege...@govready.com <mailto:grege...@govready.com> > On May 18, 2016, at 3:58 PM, Martin Preisler <mprei...@redhat.com> wrote: > > ----- Original Message ----- >> From: "Fen Labalme" <f...@civicactions.com> >> To: "open-scap-list" <open-scap-list@redhat.com> >> Sent: Wednesday, May 18, 2016 9:56:04 AM >> Subject: Re: [Open-scap] waivers for local rule results anomolies >> >> Hard to believe it's been a year. I was drawn off to other things but I'm >> back and I still want waivers ;) > > Hi Fen, > we all want them :-) > >> Ideally, I'd like to have a yaml file (easy for an AO to read) that contains >> waivers (rule IDs and explanations) and an additional column on the >> results.html so there would be: >> >> | Group | Severity | Baseline | Result | >> >> ...where Baseline would be the (ultimately NIST certified) Baseline, and >> Result would be (ideally) all Green after application of the waivers. >> >> Has any additional work or thought gone into this? There are a lot of good >> ideas in this thread (Scaptimony, Ruby wrapper, OpenSCAP tailoring files, >> ...) -- is anything mature enough that I can use on my RHEL7 instances now? > > Not that I know of. We have the low level support in HTML report but we don't > have the tools that process the waivers. Help from the community would be > greatly appreciated in this area. > > -- > Martin Preisler > Identity Management and Platform Security | Red Hat, Inc. > > _______________________________________________ > Open-scap-list mailing list > Open-scap-list@redhat.com > https://www.redhat.com/mailman/listinfo/open-scap-list
_______________________________________________ Open-scap-list mailing list Open-scap-list@redhat.com https://www.redhat.com/mailman/listinfo/open-scap-list
