On Tue, Jan 7, 2014, at 01:21 PM, Graham Williamson wrote:
On Tue, 2014-01-07 at 12:10 -0700, joescap@mm.st wrote:
I'm not sure if this is the appropriate place to ask this, but I noticed that when I do a scan like the following:
This appears to really be a open-scap question open-scap-list@redhat.com but we should be able to provide some guidance in the first place.
oscap xccdf eval --profile Profile --results /tmp/scan-results.xml --report /tmp/scan-results.html --oval-results --cpe-dict /tmp/scap-cpe-dictionary.xml /tmp/scap-xccdf.xml
--cpe-dict is deprecated, you should be using --cpe if you're running a recent version of oscap. Run oscap -V and make sure you're running the latest version.
to put the file, but it doesn't seem to take. Is there any way to redirect the output somewhere else? Or get the extra information in an alternative fashion?
I get the same results as well (openscap-0.9.12-1.el6.x86_64), not the very latest version. The man page for oscap doesn't specify an argument after the --oval-results option to specify a path to place those results. I also check openscap-1.0.1-1.fc19.x86_64 (latest version) as well and it doesn't appear to specify an argument to the --oval-results either. So, it looks like an email to the open-scap mailing list or log a feature request at https://fedorahosted.org/openscap/ will be your best bet.
scap-security-guide mailing list scap-security-guide@lists.fedorahosted.org https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide
scap-security-guide mailing list scap-security-guide@lists.fedorahosted.org https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide Email had 1 attachment:
- signature.asc 1k (application/pgp-signature)
Thanks. I'll followup with the openscap list. I have a script (run via cron) that runs the oscap eval command and when oval-results is used it sticks the results file right off the / directory. I guess I can add a line or two two in the script to cd into another directory run the command and then clean up the file.