Just thinking this through some more, I suppose my initial interest in XML
to SQL, rather than wanting to go from XML to an application (like Foreman)
was so that I could keep the data in a form which is easy for any language
to integrate with and most platforms to access. This is another reason I
love that you guys output to XML - it's easy to build on that because it's
so widely adapted and accessible.

I'm coming from a perspective where we are using multiple tools to collect
data on our systems (not just security related data). Many of these systems
store their data in a format which is not as easy to access as XML or SQL -
which then makes it challenging to bring all the data together to present
the entire picture.

I don't expect (or even want) to find one application which handles all of
this data. I selfishly want to be able to grab the data I want and then do
what I want with it. pulling data together from XML, Whisper, JSON,
Elasticsearch, Mongo, etc make this hard.

All of this is to say maybe a first step would be to write some XSLT files
for MariaDB and Postgre and then see where that goes? someone could use
that to then start an API, etc.

I also did want to mention the really great work the people at Wazuh have
done in adding Open-Scap data to their OSSEC fork which then outputs data
into elasticsearch / Kibana dashboards really nicely. I will continue to
use their product gratefully, but as I say - I'm looking for data which I
can query without having to master Lucene to get data out of Elasticsearch.


Luke Salsich

On Thu, Feb 1, 2018 at 1:20 PM, Fen Labalme <fen.laba...@civicactions.com>

> I like where this is going as I have similar needs/issues. I currently do
> the same as Paul Arnold ("an oscap cron with "brief" results going to
> centralized syslog") and give a big "+1" for open systems.
> I like https://osquery.io/ (open source at: https://github.com/facebook/
> osquery)
> Also consider InSpec (https://github.com/chef/inspec) - though created
> by/for Chef, it's entirely self-contained. OpenSCAP integrating with
> either/both of these would be awesome.
> (Both are Apache 2.0 licensed.)
> =Fen
> On Thu, Feb 1, 2018 at 11:41 AM, Shawn Wells <sh...@redhat.com> wrote:
>> Imagine something like https://osquery.io/, except with enriched
>> compliance data.
> _______________________________________________
> Open-scap-list mailing list
> Open-scap-list@redhat.com
> https://www.redhat.com/mailman/listinfo/open-scap-list
Open-scap-list mailing list

Reply via email to