[RFE] Add rule IDs and CCEs to results #108

jan-cerny · 2017-08-17T07:36:29Z

We want that Atomic scan stdout is similar to stdout are produced by oscap xccdf eval, we would like to
add XCCDF IDs and CCEs there, and maybe something more.

This needs to be implemented on openscap-daemon side. The Daemon saves its results to a JSON. However, there is only rule name, severity, and XCCDF result. It looks easy to add XCCDF IDs and CCEs, because we already parse ARF to get the results.

Note: We have to realise we can't add to our output passed rules (or not applicable rules), because Atomic is designed to report only findings and vulnerabilities. Atomic scan doesn't report passed checks. Atomic scan is universal interface, used by other scanners, so we shouldn't break it.

The text was updated successfully, but these errors were encountered:

jan-cerny added this to the 0.1.8 milestone Aug 17, 2017

mpreisler modified the milestones: 0.1.8, 0.1.9 Sep 28, 2017

matusmarhefka mentioned this issue Nov 8, 2017

Remediation of containers for configuration compliance has inconsistent output #121

Open

matejak modified the milestones: 0.1.9, 0.1.10 Jan 16, 2018

matejak modified the milestones: 0.1.10, 0.1.11 Feb 8, 2018

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[RFE] Add rule IDs and CCEs to results #108

[RFE] Add rule IDs and CCEs to results #108

jan-cerny commented Aug 17, 2017

[RFE] Add rule IDs and CCEs to results #108

[RFE] Add rule IDs and CCEs to results #108

Comments

jan-cerny commented Aug 17, 2017