[Open-scap] OSCAP on Windows: UNKNOWN results
Watson Sato
wsato at redhat.com
Mon Jan 7 14:12:01 UTC 2019
Hello,
A result of "unknown" often means that the scanner was not able to collect
information about the system.
It is likely that OpenSCAP hasn't implemented the probes necessary to
collect the data to assess the checks which resulted in "unknown".
Currently there are only a few probes enabled for Windows:
- accesstoken
- registry
- wmi
- system_info
On Mon, Dec 24, 2018 at 2:41 PM Mohanraj, Bharath <
bharath_mohanraj_tp at bmc.com> wrote:
> Hi Team,
>
>
>
> I'm evaluating oscap 1.3.0 on windows, and I have a query on the same.
>
>
>
> I'm trying out oscap scanner in some of the test Windows machines (with
> different versions like win 7, 8, 8.1, 10, 2012, 2016...). I do see the
> oscap.exe scan getting triggered and evaluating the OVAL definitions
> successfully, however when I look at the html report generated, there are
> lot of definitions marked with "UNKNOWN" as result.
>
>
>
> Can someone please help me understand the possible reasons, that can
> result in "UNKNOWN" result? Also, is there anything I can do to get this
> working?
>
>
>
> Below is a snippet of the report from a Windows 8.1 machine, which shows
> UNKNOWN results.
>
>
>
> Thanks.
>
>
>
>
>
> Regards,
>
> Bharath M
> _______________________________________________
> Open-scap-list mailing list
> Open-scap-list at redhat.com
> https://www.redhat.com/mailman/listinfo/open-scap-list
--
Watson Sato
Security Technologies | Red Hat, Inc
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/open-scap-list/attachments/20190107/32d9dbfb/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.png
Type: image/png
Size: 1009153 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/open-scap-list/attachments/20190107/32d9dbfb/attachment.png>
More information about the Open-scap-list
mailing list