From Openscap
[edit]
Compilation
Compilation is pretty straightforward.
- ./autogen.sh for those who get fresh sources from git repository. It requires: autoconf automake libtool. If you use release taball you can skip this step.
- ./configure && make build the library. Dependencies may very, it depends on enabled features(by configure). By default you need: swig, libxml2-devel, rpm-devel, libgcrypt-devel, pcre-devel, python-devel, perl-devel, libcurl-devel, libxslt-devel, libtools installed on your system.
- make check run library self-checks
- make install run installation procedure
[edit]
Document Generation
We provide different XSLT transformations that might be handy when you want to transform SCAP content XML file into nice HTML document. Let's assume that you have XCCDF checklist and you want to turn it into Guide book. In this case only groups (not rules) will be included in the output.
$ oscap xccdf generate guide scap-xccdf.xml > guide.html.
OK,and now you want to include information about rules for particular profile.
$ oscap xccdf generate guide --profile Desktop scap-xccdf.xml > guide.html.
Well assume you have finished then scanning, you get XCCDF result file and you desire nicer look at these results.
$ oscap xccdf generate report xccdf-results.xml > report.html
[edit]
Validation
You have edit the content and you are not sure about typos or syntax issues.
$ oscap xccdf validate-xml scap-xccdf.xml
[edit]
Scanning
You can perform the scan driven by xccdf+oval
$ oscap xccdf eval --profile Desktop --result-file xccdf-results.xml scap-xccdf.xml
or simply evaluate all definitions in oval content
$ oscap oval eval --result-file oval-results.xml scap-oval.xml
