I like where this is going as I have similar needs/issues. I currently do
the same as Paul Arnold ("an oscap cron with "brief" results going to
centralized syslog") and give a big "+1" for open systems.
I like
https://osquery.io/ (open source at:
https://github.com/facebook/osquery)
Also consider InSpec (
https://github.com/chef/inspec) - though created
by/for Chef, it's entirely self-contained. OpenSCAP integrating with
either/both of these would be awesome.
(Both are Apache 2.0 licensed.)
=Fen
On Thu, Feb 1, 2018 at 11:41 AM, Shawn Wells <shawn(a)redhat.com> wrote:
Imagine something like
https://osquery.io/, except with enriched
compliance data.