Hello Martin,
thank you for the preview of the new look / functionality.
Couple of points for the report case (not sure they have been mentioned
already):
1) Text under Characteristics paragraph:
" User root started the evaluation at 2014-08-28T16:44:12.
Evaluation finished at 2014-08-28T16:50:10. The target machine was called
localhost.localdomain.
Benchmark from /usr/share/xml/scap/ssg/content/ssg-rhel6-xccdf.xml was
used. Profile usgcb-rhel6-server was selected."
Might it look better when organized into a table (example below)?
Evaluation Run:
Performed by: root
Started: 2014-08-28T16:44:12 \ here maybe also split
Y-M-D with space from H-M-S?
Finished: 2014-08-28T16:50:10 /
Target (of Evaluation): localhost.localdomain
Benchmark Location: /usr/share/xml/scap/ssg/content/ssg-rhel6-xccdf.xml
Evaluated Profile: usgcb-rhel6-server
2) Regarding colours - non-consistence in colour shades in "Compliance and
Scoring"
vs "Rule Overview" section. Would it be possible to merge the shades? (IOW
use just
one shade of red, green, gray, orange, etc. across the document)
3) Missing the "Rule overview" & "Rule details" anchors (they were present in
previous
version). Reasoning "Rule overview" isn't displayed when displaying top of
the page.
Would it be possible to have "Rule overview" anchor in the top panel to be
able quickly
to navigate there?
Ad "Rule details" -- since they aren't displayed by default, having "Rule
details"
anchor would either enable the "Show all result details" button (the page
display would
behave after clicking "Rule details" like the "Show all result details"
button was clicked +
the top of the page would be navigated to the start of the details table)
4) Rule titles aren't displayed in the colour of the result -- not sure we want
this, but
could you possibly provide preview of a case, where passed rules titles
would be coloured
out in green (same colour as the bounding box has around the rule result),
unknown state
rule titles would be in orange, notchecked rule titles in gray etc.
5) Regarding the "Result Details" table - generally looks fine, but sometimes
the inner
rule description is larger than the outside red coloured table. Example of
the rule:
"Verify and Correct File Permissions with RPM"
The inner table spans out of the red coloured bounding box. Would it be
possible either
to reduce the inner table or enlarge the outer bounding box?
6) (I think) from the current layering the particular OVAL check test comment
(often clarifying
the requirement) might not be immediately visible / noticeable:
Example (current output):
OVAL details
nosuid on /dev/shm
mount point device uuid fs type mount options mount options mount
options total space space used space left
/dev/shm tmpfs tmpfs rw seclabel relatime
128830 57 128773
Here the first row table header ("nosuid on /dev/shm") is that comment. Would
it be possible to
highlight it somehow? E.g.
OVAL details
Requirement: nosuid on /dev/shm
(Evaluated) System status:
mount point device uuid ...
... ...
Or use at least bold font for the "nosuid on /dev/shm" OVAL comment.
Otherwise I think in general the output is very nice. Should I notice other
points will share them yet.
Thank you && Regards, Jan.
--
Jan iankko Lieskovsky / Red Hat Security Technologies Team
----- Original Message -----
> From: "Martin Preisler" <mprei...@redhat.com>
> To: "SCAP Security Guide" <scap-security-guide@lists.fedorahosted.org>
> Sent: Thursday, August 28, 2014 7:49:23 PM
> Subject: New report and guide in openscap 1.1.0
>
> Hi,
>
> as you may know I have been working on a complete rewrite of HTML report and
> guide for the upcoming openscap 1.1.0 release. It's a feature that will
> touch almost every user of openscap. I would like to gather feedback from
> the scap-security-guide community so that we can make sure there aren't any
> blocker issues in the release. It is natural that there will be small issues
> that we will iron out in minor releases. Basically we would just like to
> make sure the new report and guide aren't missing anything crucial that
> would prevent adoption.
>
> See https://mpreisle.fedorapeople.org/openscap/1.1.0_xslt/ for sample HTML
> report and guide from SSG for RHEL6.
>
> Looking forward to feedback.
>
> --
> Martin Preisler
> --
> SCAP Security Guide mailing list
> scap-security-guide@lists.fedorahosted.org
> https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide
> https://github.com/OpenSCAP/scap-security-guide/
--
SCAP Security Guide mailing list
scap-security-guide@lists.fedorahosted.org
https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide
https://github.com/OpenSCAP/scap-security-guide/
