[Spacewalk-list] OpenSCAP Scans, anyone?
Simon Lukasik
slukasik at redhat.com
Wed Aug 7 09:12:03 UTC 2013
On 08/06/2013 07:15 PM, Dimitri Yioulos wrote:
> Hi, List.
>
> I've been trying to use Audit/OpenSCAP Scans on my Spacewalk
> 2.0. I've installed the requisite packages (I think on
> both Spacewalk host and target host. If I run:
>
> oscap xccdf eval --profile
> test --results /var/www/html/results.xml --report /var/www/html/report.html
> --cpe /usr/share/xml/scap/ssg/content/ssg-rhel6-cpe-dictionary.xml
> /usr/share/xml/scap/ssg/content/ssg-rhel6-xccdf.xml
>
> directly on the remote host, I not only get a nice report to
> stdout, but also a nice report in HTML. But, if I can't
> seem to get the audit set up to work from Spacewalk. Has
> anyone set this up that can show me the way?
>
> Also, I was able to DL the xccdf.xml file for CentOS6/RHEL6,
> but can't find one for CentOS5/RHEL5. Has anyone found or
> created one that he/she is willing to share?
>
> As always, appreciated.
>
> Dimitri
>
Hello Dimitri,
The behavior you see is expected.
Spacewalk does not track every scan made on the client's command-line.
Spacewalk tracks only those scans which are scheduled by Spacewalk (not
by hand on the client system).
I have written tutorial about that at
http://isimluk.livejournal.com/1027.html
To schedule a scan with SSG, please use the following arguments
arguments: --profile test --cpe
/usr/share/xml/scap/ssg/content/ssg-rhel6-cpe-dictionary.xml
path: /usr/share/xml/scap/ssg/content/ssg-rhel6-xccdf.xml
At this interface:
http://isimluk.fedorapeople.org/sw_openscap/blog/pics/blog-03-schedule.jpg
Hope this helps,
--
Simon Lukasik
Security Technologies
More information about the Spacewalk-list
mailing list