oval_developer@lists.cisecurity.org

A list for people interested in developing the OVAL language.


Announcing the OVAL results visualization tool

Jan Rodak
Wed, Apr 22, 2020 4:08 PM

Hello folks,

my name is Jan Rodák. I collaborate with Red Hat's Security Compliance team.
Let me introduce my project and graduation work on visualizing the results
of complex OVAL checks. Here is an example of use.


```
arf-to-graph scan-data/ssg-fedora-ds-arf.xml audit_rules_unsuccessful_file_modification_creat
```

This command consumes the rule name or a regular expression of the rule name and
the ARF file, which is one of the possible standardized formats for
SCAP-compatible scanner results. And then it generates a graph. See output
example [1]. The OVAL as Graph project [2] is easy to install on Python3
systems using pip, and an RPM package [3] exists for Fedora and EPEL.

I think that this tool can be very useful to anybody who performs oscap
scans or debugs results of complex rules. And I'm open to your feedback for
future improvements of the project.

[1] https://protect-us.mimecast.com/s/0NqFC5ywmJHZY8wWczJ4ZA?domain=github.com

[2] https://protect-us.mimecast.com/s/qM2UC68xnLSrlkZGc6nWWf?domain=github.com

[3] https://protect-us.mimecast.com/s/u54vC73yoNCAjMnWCB5v2J?domain=src.fedoraproject.org

Regards,

Jan
