Re: [Open-scap] Trouble Scanning OVAL from CIS Repository

2019-08-18 Thread Tim Burress
Thanks for your note and expecially the code! I looked at the OS-specific files but they seem to be little more than placeholders: many of the ones I looked at don't seem to have any content at all unless it's being pulled in by reference somehow. The openscap tests have already proven very

Re: [Open-scap] Trouble Scanning OVAL from CIS Repository

2019-08-16 Thread Gary Gapinski
On 8/16/19 4:32 AM, Tim Burress wrote: Following up, I find that even the unix.xml fails due to the use of 'interim_fix' in tests: W: oscap: Unknown OVAL family subtype: interim_fix OpenSCAP Error: Unknown test type oval:org.cisecurity:tst:6710. [oval_test.c:395]

Re: [Open-scap] Trouble Scanning OVAL from CIS Repository

2019-08-16 Thread Tim Burress
Following up, I find that even the unix.xml fails due to the use of 'interim_fix' in tests: W: oscap: Unknown OVAL family subtype: interim_fix OpenSCAP Error: Unknown test type oval:org.cisecurity:tst:6710. [oval_test.c:395] Failed to import the OVAL Definitions from 'unix.xml'.

Re: [Open-scap] Trouble Scanning OVAL from CIS Repository

2019-08-16 Thread Tim Burress
Thanks for looking into this! I didn't realize it was possible to download anything other than the full OVAL file, and was going to ask if maybe oscap could add a command-line option to choose the family or platform when evaluating an OVAL collection. But looking more closely at the page I see

Re: [Open-scap] Trouble Scanning OVAL from CIS Repository

2019-08-15 Thread William Munyan
Tim, I guess the first thing I would ask is why you’re downloading the full OVAL XML file. That file, as you can see is huge, and contains ALL the definitions in the entire repository. I can make an educated guess that your Fedora-based system doesn’t need to assess against every Windows

Re: [Open-scap] Trouble Scanning OVAL from CIS Repository

2019-08-15 Thread Trevor Vaughan
Ah, good to know. Thanks! On Thu, Aug 15, 2019 at 7:51 AM William Munyan < william.mun...@cisecurity.org> wrote: > Those extensions are only in the CIS benchmark content and not part of the > OVAL repository. I plan on taking a look at the specific content mentioned > in the thread to see what

Re: [Open-scap] Trouble Scanning OVAL from CIS Repository

2019-08-15 Thread William Munyan
Those extensions are only in the CIS benchmark content and not part of the OVAL repository. I plan on taking a look at the specific content mentioned in the thread to see what I can see. Cheers Bill M (CIS) Get Outlook for iOS On Thu, Aug 15, 2019 at 7:49 AM -0400,

Re: [Open-scap] Trouble Scanning OVAL from CIS Repository

2019-08-15 Thread Trevor Vaughan
As far as I know, the CIS materials have non-standard extensions that only their scanner supports. On Wed, Aug 14, 2019 at 11:47 PM Tim wrote: > Another issue has come up while attempting to scan a Fedora-based system > using the quasi-official OVAL collection at CIS: > >