On 8/18/17 11:45 PM, Trevor Vaughan wrote:
Ok, I couldn't let it go for various reasons.
The following is the minimal viable test results XML file that makes
the STIGViewer do something useful.
I have a use for this in particular and hopefully it helps in the
search for sanity.
The fact that the STIGViewer checklist export doesn't have an
associated schema is not thrilling.
## BEGIN XML ##
<?xml version="1.0" encoding="UTF-8"?>
<TestResult id="I Love Testing"
xmlns="http://checklists.nist.gov/xccdf/1.2"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xml:lang="en-US"
style="SCAP_1.2"
start-time="1970-01-01T00:00:00"
end-time="1970-01-01T00:00:01"
>
<benchmark>RHEL_7_STIG</benchmark>
<!-- Useful but not required -->
<remark>Minimal Valid Test Results</remark>
<organization>Friday Night Party!</organization>
<target>localhost.localdomain</target>
<score>100.0</score>
<!-- End: useful but not required -->
<target-address>127.0.0.1</target-address>
<target-facts>
<!-- These fill out the fields in the 'Target Data' part of the
viewer -->
<fact name="urn:xccdf:asset:identifier:mac"
type="string">00:00:00:00:00:00</fact>
<fact name="urn:xccdf:asset:identifier:host_name"
type="string">localhost</fact>
<fact name="urn:xccdf:asset:identifier:fqdn"
type="string">localhost.localdomain</fact>
</target-facts>
<rule-result idref="SV-86687r4_rule">
<result>pass</result>
</rule-result>
</TestResult>
## END XML ##
Josh Springer, a consultant at Red Hat, generated this STIG Viewer
checklist:
https://raw.githubusercontent.com/josh-springer/ansible-role-rhel7-stig/m...
Still going through it myself.... but should be easy enough to transform
SCAP content into DISA's schema.