Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add Oval reports #19

Open
andersonz1 opened this issue May 11, 2024 · 1 comment
Open

Add Oval reports #19

andersonz1 opened this issue May 11, 2024 · 1 comment

Comments

@andersonz1
Copy link

Hi, thank you for developing SCAPinoculars, this is very useful !

I would like to suggest an additional type of report for vulnerabilities (oval), in addition to compliance (xccdf) reports.

https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/security_hardening/scanning-the-system-for-configuration-compliance-and-vulnerabilities_security-hardening

This would centralize the most important oscap scanning types in a single tool.
I am attaching a sample xml and html generated by the commands below:

Generating xml report:
oscap oval eval --results vulnerability.xml rhel-9.oval.xml

Generating html report from a xml:
oscap oval generate report vulnerability.xml > vulnerability.html

Or generating both xml and html in one command:
oscap oval eval --results vulnerability.xml --report vulnerability.html rhel-9.oval.xml

Oval reports contain revelant information about
CVEs and vulnerability scoring.

Thank you very much !
By best regards,
Anderson Augusto

vulnerability.html.txt
vulnerability.xml.txt
@andersonz1
Copy link
Author

Hi Juerg,
Did you have chance of evaluating this enhancement ?

Thank you very much,
Best Regards,
Anderson

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@andersonz1