----- Original Message -----
From: "Greg Elin" <gregelin(a)gitmachines.com>
To: "SCAP Security Guide" <scap-security-guide(a)lists.fedorahosted.org>
Sent: Friday, August 29, 2014 11:18:37 PM
Subject: Re: New report and guide in openscap 1.1.0
I agree with Trey. The details would be more useful if they contained more
information about how something failed. I would expect that in a detail.
As I said in my previous email, we show these details. We always have!
They were not present in one of the previous ! draft ! versions of
XCCDF report. When I released that draft I explicitly said that check details
are not there but will be there in the final version. Are you sure you are
looking at the new report?
I'd be OK with default report ONLY showing details for the
severity=high
items that I failed and all other details went either into a second report
We show check system details for all failed rules, always. This works for
both OVAL and SCE checks.
I could open if I wanted, or the generic detail descriptions were on
the
WEB rather than part of the report.
Are you sure you want detailed reports of vulnerabilities on your
infrastructure to end up on the "WEB"? One of our goals is to keep the
reports and guides self sufficient. We do not want to rely on remote tools.
That's why we bundle even all the JavaScript and CSS.
The report could contain information about the system, but I'm
not sure if
there is a lot of value of all the (static) details being in the in report
by default.
Not sure what you mean by static details. The IP and MAC addresses? They
help identify the machine if hostname is not set properly. The CPE platforms
should be there as well IMO as they help explain applicable and not-applicable
results.
--
Martin Preisler