Ok, I couldn't let it go for various reasons. The following is the minimal viable test results XML file that makes the STIGViewer do something useful.
I have a use for this in particular and hopefully it helps in the search for sanity. The fact that the STIGViewer checklist export doesn't have an associated schema is not thrilling. ## BEGIN XML ## <?xml version="1.0" encoding="UTF-8"?> <TestResult id="I Love Testing" xmlns="http://checklists.nist.gov/xccdf/1.2"; xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; xml:lang="en-US" style="SCAP_1.2" start-time="1970-01-01T00:00:00" end-time="1970-01-01T00:00:01" > <benchmark>RHEL_7_STIG</benchmark> <!-- Useful but not required --> <remark>Minimal Valid Test Results</remark> <organization>Friday Night Party!</organization> <target>localhost.localdomain</target> <score>100.0</score> <!-- End: useful but not required --> <target-address>127.0.0.1</target-address> <target-facts> <!-- These fill out the fields in the 'Target Data' part of the viewer --> <fact name="urn:xccdf:asset:identifier:mac" type="string">00:00:00:00:00:00</fact> <fact name="urn:xccdf:asset:identifier:host_name" type="string">localhost</fact> <fact name="urn:xccdf:asset:identifier:fqdn" type="string">localhost.localdomain</fact> </target-facts> <rule-result idref="SV-86687r4_rule"> <result>pass</result> </rule-result> </TestResult> ## END XML ## Thanks, Trevor On Fri, Aug 18, 2017 at 10:14 PM, Trevor Vaughan <[email protected]> wrote: > Hi All, > > I did some digging around with the materials that Shawn provided and the > latest STIGViewer from the website and I discovered that both the Group ID > and the Rule ID must match for the result to be applied. > > I randomly changed a few items to just make *something* show up and, > indeed, when both identifiers were changed to match the version from the > published DISA STIG, they showed properly in the checklist file. > > From a quick glance, it looks like the relevant material is actually in > the SSG so it may be possible to construct an XSLT that will allow an > automatic translation between the two formats. > > That said, this is pretty much as far as I'm going down this rabbit hole. > Hopefully it helps. > > Trevor > > On Fri, Aug 18, 2017 at 5:01 PM, Reese, Brian J CTR (US) < > [email protected]> wrote: > >> I don't think the issue with STIG Viewer not taking the xccdf results is >> because of oscap, but because the SSG content doesn't have the necessary >> reference IDs. >> >> I just tried using the RHEL 7 SSG content with the SPAWAR SCC tool and >> tried importing the xccdf file into a RHEL 7 STIG checklist and it wasn't >> able to match any results. My guess is that STIG Viewer uses the "Rule ID" >> to match instead of the "STIG ID". The STIG IDs are in the xccdf results >> file from the SSG content, but the Rule IDs are nowhere to be found. The >> Rule ID is probably used because that is updated with each revision of the >> STIG whereas the STIG ID is static. >> >> v/r, >> Brian Reese >> >> -----Original Message----- >> From: Shawn Wells [mailto:[email protected]] >> Sent: Friday, August 18, 2017 4:36 PM >> To: [email protected] >> Subject: Re: [Non-DoD Source] scap-security-guide Digest, Vol 71, Issue 12 >> >> All active links contained in this email were disabled. Please verify >> the identity of the sender, and confirm the authenticity of all links >> contained within the message prior to copying and pasting the address to a >> Web browser. >> >> >> >> >> ---- >> >> >> >> On 8/18/17 3:43 PM, Mackanick, Jason W CIV DISA RE (US) wrote: >> > While I am verifying with our end. Which file format is Trevor and >> David trying to use? Also, please ensure you have the latest version >> from: Caution-http://iasecontent.disa.mil/stigs/zip/U_STIGViewer- >> 2.5.4.zip I am checking with my counterparts to confirm, but we believe >> this has been updated for 1.2. >> >> Hey Jason, >> >> Here are some XCCDF and ARF result files for you to test with, in >> case you don't have easy access to RHEL7 + OpenSCAP: >> Caution-http://people.redhat.com/swells/oscap-results-for-di >> sa/disa-arf-results.xml >> Caution-http://people.redhat.com/swells/oscap-results-for-di >> sa/disa-xccdf-results.xml >> >> Also uploaded SCAP 1.2 and 1.3 formatted XCCDF checklists: >> Caution-http://people.redhat.com/swells/oscap-results-for-di >> sa/ssg-rhel7-xccdf-1.2.xml >> Caution-http://people.redhat.com/swells/oscap-results-for-di >> sa/ssg-rhel7-xccdf-1.3.xml >> >> I've been using STIGViewer-2.5.3.jar. No change with 2.5.4. >> >> Thanks so much for engaging on this! >> >> Shawn >> _______________________________________________ >> scap-security-guide mailing list -- [email protected] >> rahosted.org >> To unsubscribe send an email to scap-security-guide-leave@list >> s.fedorahosted.org >> >> _______________________________________________ >> scap-security-guide mailing list -- [email protected] >> rahosted.org >> To unsubscribe send an email to scap-security-guide-leave@list >> s.fedorahosted.org >> >> > > > -- > Trevor Vaughan > Vice President, Onyx Point, Inc > (410) 541-6699 x788 <(410)%20541-6699> > > -- This account not approved for unencrypted proprietary information -- > -- Trevor Vaughan Vice President, Onyx Point, Inc (410) 541-6699 x788 -- This account not approved for unencrypted proprietary information --
_______________________________________________ scap-security-guide mailing list -- [email protected] To unsubscribe send an email to [email protected]
