On 4/5/17 2:54 PM, Greg Hennessy wrote:
> Bummer
> On Wed, Apr 5, 2017 at 1:53 PM, Shawn Wells <sh...@redhat.com
> <mailto:sh...@redhat.com>> wrote:
>     On 4/5/17 1:43 PM, Greg Hennessy wrote:
>>     I am exploring the use of open-scap to verify my machines meet
>>     the DISA stigs. If I run oscap against the 
>>     /usr/share/xml/scap/ssg/content/ssg-rhel7-ds.xml file  things
>>     seem to work
>>     as expected. If I run oscap against the file from iase.disa.mil
>>     <http://iase.disa.mil>, all 
>>     of the results show "notchecked". Does anyone have a sugguestion
>>     as to
>>     how to force the checks to happen?
>>     My typed command line is:
>>     # oscap xccdf eval --profile MAC-2_Public  --report
>>     /tmp/disa_stig.html
>>     U_Red_Hat_Enterprise_Linux_7_STIG_V1R1_Manual-xccdf.xml
>     DISA does not publish automation content -- so it's impossible to
>     use their content.

With that said, we're tracking to having a SSG profile align more
directly against the content DISA published. Here's a dashboard with the
missing pieces:


Patches most welcome, especially to build out missing OVAL!
Open-scap-list mailing list

Reply via email to