Hello all,
I am having some trouble generating content for the DISA stig-viewer.
Stig-viewer version = 2.9 ComplianceAsCode version = 1.46 Openscap version = 1.2.17 RHEL OS 7.7
I am running the scan with the following command:
oscap xccdf eval --profile xccdf_org.ssgproject.content_profile_stig --oval-results --results /tmp/`hostname`-`date +%F%H%M`-stig-scan-oval-results.xml --report /tmp/`hostname`-`date +%F%H%M`oval-xccdf-report.html --stig-viewer /tmp/`hostname`-`date +%F%H%M`-stig-viewer-oval-results.xml --fetch-remote-resources --remediate ssg-rhel7-ds.xml
The file resulting from the ‘--results’ option causes a pop window to show when attempting to import into the stig-viewer:
Result Reference ID(s) Not Found in the Checklist STIG(s)
The file resulting from the ‘--stig-verwer’ option produces no pop window, but all fo the rules show as not reviewed.
Am I missing something with the options chosen? Are the resulting files and the current version of the DISA stig-viewer not compatible?
Any help is appreciated.
Thank you.
Hi Albert,
I also came across this problem yesterday. The issue lies in a STIG Viewer reference change inside ComplianceAsCode/content. I've filed the following issue for this.
https://github.com/ComplianceAsCode/content/issues/4846
A quick workaround that you could try is to change the stig_ns variable inside ssg/constants.py to the old value and do a full rebuild of your content. It was working fine for me.
stig_ns = "http://iase.disa.mil/stigs/Pages/stig-viewing-guidance.aspx"
Hope that helps... ;)
Ciao, Alex~
On Tue, Sep 17, 2019 at 11:21:27AM -0700, Albert Roberson wrote:
Hello all,
I am having some trouble generating content for the DISA stig-viewer.
Stig-viewer version = 2.9 ComplianceAsCode version = 1.46 Openscap version = 1.2.17 RHEL OS 7.7
I am running the scan with the following command:
oscap xccdf eval --profile xccdf_org.ssgproject.content_profile_stig --oval-results --results /tmp/`hostname`-`date +%F%H%M`-stig-scan-oval-results.xml --report /tmp/`hostname`-`date +%F%H%M`oval-xccdf-report.html --stig-viewer /tmp/`hostname`-`date +%F%H%M`-stig-viewer-oval-results.xml --fetch-remote-resources --remediate ssg-rhel7-ds.xml
The file resulting from the ‘--results’ option causes a pop window to show when attempting to import into the stig-viewer:
Result Reference ID(s) Not Found in the Checklist STIG(s)
The file resulting from the ‘--stig-verwer’ option produces no pop window, but all fo the rules show as not reviewed.
Am I missing something with the options chosen? Are the resulting files and the current version of the DISA stig-viewer not compatible?
Any help is appreciated.
Thank you.
scap-security-guide mailing list -- scap-security-guide@lists.fedorahosted.org To unsubscribe send an email to scap-security-guide-leave@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/scap-security-guide@lists.fedor...
Hi Albert,
this was fixed in openscap.
https://github.com/OpenSCAP/openscap/pull/1401 https://github.com/OpenSCAP/openscap/pull/1404
And should be included in the next release round.
Ciao, Alex~
On Wed, Sep 18, 2019 at 08:45:00AM +0200, Alexander Bergmann wrote:
Hi Albert,
I also came across this problem yesterday. The issue lies in a STIG Viewer reference change inside ComplianceAsCode/content. I've filed the following issue for this.
https://github.com/ComplianceAsCode/content/issues/4846
A quick workaround that you could try is to change the stig_ns variable inside ssg/constants.py to the old value and do a full rebuild of your content. It was working fine for me.
stig_ns = "http://iase.disa.mil/stigs/Pages/stig-viewing-guidance.aspx"
Hope that helps... ;)
Ciao, Alex~
On Tue, Sep 17, 2019 at 11:21:27AM -0700, Albert Roberson wrote:
Hello all,
I am having some trouble generating content for the DISA stig-viewer.
Stig-viewer version = 2.9 ComplianceAsCode version = 1.46 Openscap version = 1.2.17 RHEL OS 7.7
I am running the scan with the following command:
oscap xccdf eval --profile xccdf_org.ssgproject.content_profile_stig --oval-results --results /tmp/`hostname`-`date +%F%H%M`-stig-scan-oval-results.xml --report /tmp/`hostname`-`date +%F%H%M`oval-xccdf-report.html --stig-viewer /tmp/`hostname`-`date +%F%H%M`-stig-viewer-oval-results.xml --fetch-remote-resources --remediate ssg-rhel7-ds.xml
The file resulting from the ‘--results’ option causes a pop window to show when attempting to import into the stig-viewer:
Result Reference ID(s) Not Found in the Checklist STIG(s)
The file resulting from the ‘--stig-verwer’ option produces no pop window, but all fo the rules show as not reviewed.
Am I missing something with the options chosen? Are the resulting files and the current version of the DISA stig-viewer not compatible?
Any help is appreciated.
Thank you.
scap-security-guide mailing list -- scap-security-guide@lists.fedorahosted.org To unsubscribe send an email to scap-security-guide-leave@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/scap-security-guide@lists.fedor...
-- Alexander Bergmann abergmann@suse.com, Security Engineer, GPG:9FFA4886 SUSE Software Solutions Germany GmbH
Maxfeldstr. 5, 90409 Nuremberg, Germany (HRB 247165, AG München) Managing Director: Felix Imendörffer
scap-security-guide mailing list -- scap-security-guide@lists.fedorahosted.org To unsubscribe send an email to scap-security-guide-leave@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/scap-security-guide@lists.fedor...
scap-security-guide@lists.fedorahosted.org