[Open-scap] How to do prose based assessment in OVAL
Martin Preisler
mpreisle at redhat.com
Mon May 2 13:39:26 UTC 2016
----- Original Message -----
> From: "Pravin Goyal" <pravin.goyal at outlook.com>
> To: open-scap-list at redhat.com
> Sent: Friday, April 29, 2016 1:30:41 AM
> Subject: [Open-scap] How to do prose based assessment in OVAL
>
>
>
> Hi All,
>
> Need help.
>
>
>
>
> I am attempting to write OVAL rules for haproxy. Most of the haproxy
> configuration files are prose based. A sample file is as below:
>
>
>
>
>
> global
> log 127.0.0.1 local0
> log 127.0.0.1 local1 notice
> #log loghost local0 info
> maxconn 32768
> tune. maxaccept -1
> chroot /var/lib/ haproxy
> daemon
> stats socket /var/run/ haproxy .sock mode 600 level admin
> stats timeout 2m
>
> defaults
> log global
> mode http
> option httplog
> option dontlognull
> retries 5
> option redispatch
> maxconn 16384
> timeout connect 7s
> timeout client 500s
> timeout server 500s
> timeout client-fin 30s
> timeout tunnel 1h
>
>
> Now suppose, I want to look for parameter ' maxconn ' in the defaults prose,
> how do I check that?
AFAIK the best way to do this is with multi-line regexes.
--
Martin Preisler
Identity Management and Platform Security | Red Hat, Inc.
More information about the Open-scap-list
mailing list