Oh, I never said the script would be simple, I only said that all of the relevant information was present....
On Fri, Aug 18, 2017 at 10:55 PM, Matthew <[email protected]> wrote: > Trevor, nice work, i doubt a simple script wouldn't do what's needed > though. > > Matthew Conley > 912-398-6704 <(912)%20398-6704> > > On Aug 18, 2017 10:15 PM, "Trevor Vaughan" <[email protected]> wrote: > >> Hi All, >> >> I did some digging around with the materials that Shawn provided and the >> latest STIGViewer from the website and I discovered that both the Group ID >> and the Rule ID must match for the result to be applied. >> >> I randomly changed a few items to just make *something* show up and, >> indeed, when both identifiers were changed to match the version from the >> published DISA STIG, they showed properly in the checklist file. >> >> From a quick glance, it looks like the relevant material is actually in >> the SSG so it may be possible to construct an XSLT that will allow an >> automatic translation between the two formats. >> >> That said, this is pretty much as far as I'm going down this rabbit hole. >> Hopefully it helps. >> >> Trevor >> >> On Fri, Aug 18, 2017 at 5:01 PM, Reese, Brian J CTR (US) < >> [email protected]> wrote: >> >>> I don't think the issue with STIG Viewer not taking the xccdf results is >>> because of oscap, but because the SSG content doesn't have the necessary >>> reference IDs. >>> >>> I just tried using the RHEL 7 SSG content with the SPAWAR SCC tool and >>> tried importing the xccdf file into a RHEL 7 STIG checklist and it wasn't >>> able to match any results. My guess is that STIG Viewer uses the "Rule ID" >>> to match instead of the "STIG ID". The STIG IDs are in the xccdf results >>> file from the SSG content, but the Rule IDs are nowhere to be found. The >>> Rule ID is probably used because that is updated with each revision of the >>> STIG whereas the STIG ID is static. >>> >>> v/r, >>> Brian Reese >>> >>> -----Original Message----- >>> From: Shawn Wells [mailto:[email protected]] >>> Sent: Friday, August 18, 2017 4:36 PM >>> To: [email protected] >>> Subject: Re: [Non-DoD Source] scap-security-guide Digest, Vol 71, Issue >>> 12 >>> >>> All active links contained in this email were disabled. Please verify >>> the identity of the sender, and confirm the authenticity of all links >>> contained within the message prior to copying and pasting the address to a >>> Web browser. >>> >>> >>> >>> >>> ---- >>> >>> >>> >>> On 8/18/17 3:43 PM, Mackanick, Jason W CIV DISA RE (US) wrote: >>> > While I am verifying with our end. Which file format is Trevor and >>> David trying to use? Also, please ensure you have the latest version >>> from: Caution-http://iasecontent.disa.mil/stigs/zip/U_STIGViewer-2 >>> .5.4.zip I am checking with my counterparts to confirm, but we believe >>> this has been updated for 1.2. >>> >>> Hey Jason, >>> >>> Here are some XCCDF and ARF result files for you to test with, in >>> case you don't have easy access to RHEL7 + OpenSCAP: >>> Caution-http://people.redhat.com/swells/oscap-results-for-di >>> sa/disa-arf-results.xml >>> Caution-http://people.redhat.com/swells/oscap-results-for-di >>> sa/disa-xccdf-results.xml >>> >>> Also uploaded SCAP 1.2 and 1.3 formatted XCCDF checklists: >>> Caution-http://people.redhat.com/swells/oscap-results-for-di >>> sa/ssg-rhel7-xccdf-1.2.xml >>> Caution-http://people.redhat.com/swells/oscap-results-for-di >>> sa/ssg-rhel7-xccdf-1.3.xml >>> >>> I've been using STIGViewer-2.5.3.jar. No change with 2.5.4. >>> >>> Thanks so much for engaging on this! >>> >>> Shawn >>> _______________________________________________ >>> scap-security-guide mailing list -- [email protected] >>> rahosted.org >>> To unsubscribe send an email to scap-security-guide-leave@list >>> s.fedorahosted.org >>> >>> _______________________________________________ >>> scap-security-guide mailing list -- [email protected] >>> rahosted.org >>> To unsubscribe send an email to scap-security-guide-leave@list >>> s.fedorahosted.org >>> >>> >> >> >> -- >> Trevor Vaughan >> Vice President, Onyx Point, Inc >> (410) 541-6699 x788 <(410)%20541-6699> >> >> -- This account not approved for unencrypted proprietary information -- >> >> _______________________________________________ >> scap-security-guide mailing list -- [email protected] >> rahosted.org >> To unsubscribe send an email to scap-security-guide-leave@list >> s.fedorahosted.org >> >> > _______________________________________________ > scap-security-guide mailing list -- scap-security-guide@lists. > fedorahosted.org > To unsubscribe send an email to scap-security-guide-leave@ > lists.fedorahosted.org > > -- Trevor Vaughan Vice President, Onyx Point, Inc (410) 541-6699 x788 -- This account not approved for unencrypted proprietary information --
_______________________________________________ scap-security-guide mailing list -- [email protected] To unsubscribe send an email to [email protected]
