Hi Rocio, IMHO it should work always, this must be a very weird bug. I haven't managed to reproduce the issue with the command you provided. Please ensure that you have OpenSCAP newer that 1.2.2. To be able to reproduce it and investigate it I would need your benchmark.
Regards Jan Černý Security Technologies | Red Hat, Inc. ----- Original Message ----- > From: "Rocio Romero" <[email protected]> > To: "Jan Cerny" <[email protected]> > Sent: Tuesday, July 5, 2016 8:51:09 PM > Subject: Re: [Open-scap] Informational value > > HI Jan, > > I reviewed the process again. > > When I executed the command, > > $oscap xccdf eval --profile my_profile --results results.xml --oval-results > --report report.html my_benchmark-ds.xml > > This time I realized that the option creates the > my_benchmark-oval.xml.results.xml file, where is the oval results > information. But this information is not showed on the html file. > > The command doesn't give errors. > > What could be happening here? > > > > *Rocio Romero * > > *IT Security Engineer* > [image: http://www.wazuh.com/] <http://www.wazuh.com/> > > On Mon, Jul 4, 2016 at 4:25 AM, Jan Cerny <[email protected]> wrote: > > > Hi Rocio, > > > > It should work always when using OVAL definitions. > > This looks like a bug. Could you provide details, please? > > > > Regards > > > > Jan Černý > > Security Technologies | Red Hat, Inc. > > > > ----- Original Message ----- > > > From: "Rocio Romero" <[email protected]> > > > To: "Jan Cerny" <[email protected]> > > > Cc: [email protected] > > > Sent: Friday, July 1, 2016 7:56:08 PM > > > Subject: Re: [Open-scap] Informational value > > > > > > Hi Jan, > > > > > > Thank you so much for your answer! It was really helpful :) > > > > > > I have one more question with the -oval-results option…. For some > > reason, it > > > did’t show the details with a benchmark I have. I tried with other > > personal > > > benchmark and that one worked. There is something needed in the xccdf or > > > oval file to make it works? I reviewed both and I don’t know what is > > exactly > > > happening :/ > > > > > > Thank you! > > > > > > Rocio > > > > > > > > > > > > > > > > On Jul 1, 2016, at 12:38 AM, Jan Cerny <[email protected]> wrote: > > > > > > > > Hi Rocio, > > > > > > > > Yes, the result of an XCCDF check can be "informational". > > > > The XCCDF specification [1] says that: > > > > > > > > The <xccdf:Rule> was checked, but the output from the checking engine > > is > > > > simply > > > > information for auditors or administrators; it is not a compliance > > > > category. This status value is > > > > designed for <xccdf:Rule> elements whose main purpose is to extract > > > > information from the > > > > target rather than test the target. > > > > > > > > From what I understand, this value is used for rules that are > > evaluated, > > > > but not going to be > > > > counted into the result score (do not affect the score). That happens > > if > > > > you have an XCCDF rule > > > > with attribute "role" set to "unscored". > > > > However I am sorry I haven't found any check in OpenSCAP that is using > > > > this. > > > > > > > > Regarding your second question, OpenSCAP >= 1.2.2 can display OVAL > > results > > > > in the HTML report if you run it with "--oval-results", eg.: > > > > > > > > # oscap xccdf eval --results results.xml --oval-results --report > > > > report.html my_benchmark.xml > > > > > > > > The HTML report will look like in [2]. > > > > > > > > [1] > > http://csrc.nist.gov/publications/nistir/ir7275-rev4/NISTIR-7275r4.pdf > > > > (page 43) > > > > [2] > > > > > > https://www.open-scap.org/wp-content/uploads/2015/09/ssg-rhel7-ds-xccdf.report.html > > > > > > > > I hope this helps. > > > > > > > > Best regards > > > > > > > > Jan Černý > > > > Security Technologies | Red Hat, Inc. > > > > > > > > ----- Original Message ----- > > > >> From: "Rocio Romero" <[email protected]> > > > >> To: [email protected] > > > >> Sent: Thursday, June 30, 2016 9:50:34 PM > > > >> Subject: [Open-scap] Informational value > > > >> > > > >> Hi everyone, > > > >> > > > >> I was taking a look to the possibles values we can get from a check in > > > >> this > > > >> webpage > > > >> > > https://sadocs.emc.com/0_en-us/089_105InfCtr/215_SysAdm/ConfigurSTIG/30_OpenSCAPRpt > > > >> . > > > >> > > > >> I saw that “Informational” is a valid value. Could you please give me > > an > > > >> example of this? > > > >> > > > >> Also, I was wondering if there is any way to return some output from a > > > >> check > > > >> and put this output in the report (a friend ask me about that and I’m > > not > > > >> sure 100%). > > > >> > > > >> Thank you so much, > > > >> > > > >> Rocio > > > >> > > > >> _______________________________________________ > > > >> Open-scap-list mailing list > > > >> [email protected] > > > >> https://www.redhat.com/mailman/listinfo/open-scap-list > > > > > > > > > _______________________________________________ Open-scap-list mailing list [email protected] https://www.redhat.com/mailman/listinfo/open-scap-list
