Trevor, nice work, i doubt a simple script wouldn't do what's needed though.
Matthew Conley 912-398-6704 On Aug 18, 2017 10:15 PM, "Trevor Vaughan" <[email protected]> wrote: > Hi All, > > I did some digging around with the materials that Shawn provided and the > latest STIGViewer from the website and I discovered that both the Group ID > and the Rule ID must match for the result to be applied. > > I randomly changed a few items to just make *something* show up and, > indeed, when both identifiers were changed to match the version from the > published DISA STIG, they showed properly in the checklist file. > > From a quick glance, it looks like the relevant material is actually in > the SSG so it may be possible to construct an XSLT that will allow an > automatic translation between the two formats. > > That said, this is pretty much as far as I'm going down this rabbit hole. > Hopefully it helps. > > Trevor > > On Fri, Aug 18, 2017 at 5:01 PM, Reese, Brian J CTR (US) < > [email protected]> wrote: > >> I don't think the issue with STIG Viewer not taking the xccdf results is >> because of oscap, but because the SSG content doesn't have the necessary >> reference IDs. >> >> I just tried using the RHEL 7 SSG content with the SPAWAR SCC tool and >> tried importing the xccdf file into a RHEL 7 STIG checklist and it wasn't >> able to match any results. My guess is that STIG Viewer uses the "Rule ID" >> to match instead of the "STIG ID". The STIG IDs are in the xccdf results >> file from the SSG content, but the Rule IDs are nowhere to be found. The >> Rule ID is probably used because that is updated with each revision of the >> STIG whereas the STIG ID is static. >> >> v/r, >> Brian Reese >> >> -----Original Message----- >> From: Shawn Wells [mailto:[email protected]] >> Sent: Friday, August 18, 2017 4:36 PM >> To: [email protected] >> Subject: Re: [Non-DoD Source] scap-security-guide Digest, Vol 71, Issue 12 >> >> All active links contained in this email were disabled. Please verify >> the identity of the sender, and confirm the authenticity of all links >> contained within the message prior to copying and pasting the address to a >> Web browser. >> >> >> >> >> ---- >> >> >> >> On 8/18/17 3:43 PM, Mackanick, Jason W CIV DISA RE (US) wrote: >> > While I am verifying with our end. Which file format is Trevor and >> David trying to use? Also, please ensure you have the latest version >> from: Caution-http://iasecontent.disa.mil/stigs/zip/U_STIGViewer- >> 2.5.4.zip I am checking with my counterparts to confirm, but we believe >> this has been updated for 1.2. >> >> Hey Jason, >> >> Here are some XCCDF and ARF result files for you to test with, in >> case you don't have easy access to RHEL7 + OpenSCAP: >> Caution-http://people.redhat.com/swells/oscap-results-for-di >> sa/disa-arf-results.xml >> Caution-http://people.redhat.com/swells/oscap-results-for-di >> sa/disa-xccdf-results.xml >> >> Also uploaded SCAP 1.2 and 1.3 formatted XCCDF checklists: >> Caution-http://people.redhat.com/swells/oscap-results-for-di >> sa/ssg-rhel7-xccdf-1.2.xml >> Caution-http://people.redhat.com/swells/oscap-results-for-di >> sa/ssg-rhel7-xccdf-1.3.xml >> >> I've been using STIGViewer-2.5.3.jar. No change with 2.5.4. >> >> Thanks so much for engaging on this! >> >> Shawn >> _______________________________________________ >> scap-security-guide mailing list -- [email protected] >> rahosted.org >> To unsubscribe send an email to scap-security-guide-leave@list >> s.fedorahosted.org >> >> _______________________________________________ >> scap-security-guide mailing list -- [email protected] >> rahosted.org >> To unsubscribe send an email to scap-security-guide-leave@list >> s.fedorahosted.org >> >> > > > -- > Trevor Vaughan > Vice President, Onyx Point, Inc > (410) 541-6699 x788 <(410)%20541-6699> > > -- This account not approved for unencrypted proprietary information -- > > _______________________________________________ > scap-security-guide mailing list -- scap-security-guide@lists. > fedorahosted.org > To unsubscribe send an email to scap-security-guide-leave@ > lists.fedorahosted.org > >
_______________________________________________ scap-security-guide mailing list -- [email protected] To unsubscribe send an email to [email protected]
