Thanks for the
comments guys. It helps me understand where things are and where
they might be going.
For me, I would
write a (initial) user story much along the lines of:
"I would like to be
able to parse oscap results into a MySQL database so that I can
compare specific aspects of these results to others from the
same server or from other servers."
I word it like this
because I (personally) am not looking for a larger application
framework (user interface, authentication, etc) that has to come
along with the central database. I also like the idea of not
being tied to one database engine and/or using a standardized
API, but an API sounds like a few stories down the road.
Anyway, I'm grateful
for the thoughts. I was initially just checking to make sure
that before I start working on converting the XML to SQL
(probably with xslt and Python) that someone else hasn't already
done that. I hate it when I build something only to find out
later that someone in the community has already built it (and
probably way better).