oval_developer@lists.cisecurity.org

A list for people interested in developing the OVAL language.

OVAL Interpreter & extraction of data from CIS benchmarks

hsultan@thefroid.net
Sat, Feb 6, 2016 7:32 PM

Hi,

I was curious to know if the MITRE OVAL Interpreter could be used to
perform purely data extraction for the various CIS benchmarks. It seems
to have most probes and runs on both Windows & Linux, however after
building the Windows version 5.10.1 , taking a CIS benchmark definition
( CIS_Microsoft_Windows_Server_2012_R2_Benchmark_v2.1.0-oval.xml ) and
trying to pass it through, the XML is rejected at validation stage :

     Severity: Error
     Message: no declaration found for element 'removable_storage'
     File: c:\temp\CIS_Microsoft_Windows_Server_2012_R2_Benchmark_v2.1.0-oval.xml
     Line 9128
     At char 147

I tried playing with the xml, notably by removing the <tests> and
<definitions> sections, but that doesn't help much besides changing a
bit the error I get...

Any idea ? Is it even possible ? Any other way I can perform purely the
data extraction step on both Windows & Linux ?

Thanks,

Hassan

William Munyan
Mon, Feb 8, 2016 1:18 PM

Hassan,

From the CIS perspective, that benchmark uses OVAL version 5.11.1 for its recommendations.  The Audit Sub-category for "removable_storage" does not exist in the 5.10 version of the language.  I am assuming that the OVAL interpreter version 5.10.1 uses that version of the OVAL language, and can therefore not understand the 5.11.1 additions.

Hope that helps!
Cheers,
-Bill M.

-Bill Munyan
Technical Product Executive :: CIS-CAT
Security Controls & Automation
Center for Internet Security
(518) 880-0686
www.cisecurity.org
Follow us @CISecurity

-----Original Message-----
From: OVAL_Developer [mailto:oval_developer-bounces@lists.cisecurity.org] On Behalf Of hsultan@thefroid.net
Sent: Saturday, February 06, 2016 2:33 PM
To: oval_developer@lists.cisecurity.org
Subject: [OVAL DEVELOPER] OVAL Interpreter & extraction of data from CIS benchmarks

Hi,

I was curious to know if the MITRE OVAL Interpreter could be used to perform purely data extraction for the various CIS benchmarks. It seems to have most probes and runs on both Windows & Linux, however after building the Windows version 5.10.1 , taking a CIS benchmark definition ( CIS_Microsoft_Windows_Server_2012_R2_Benchmark_v2.1.0-oval.xml ) and trying to pass it through, the XML is rejected at validation stage :

     Severity: Error
     Message: no declaration found for element 'removable_storage'
     File: c:\temp\CIS_Microsoft_Windows_Server_2012_R2_Benchmark_v2.1.0-oval.xml
     Line 9128
     At char 147

I tried playing with the xml, notably by removing the <tests> and <definitions> sections, but that doesn't help much besides changing a bit the error I get...

Any idea ? Is it even possible ? Any other way I can perform purely the data extraction step on both Windows & Linux ?

Thanks,

Hassan


OVAL_Developer mailing list
OVAL_Developer@lists.cisecurity.org
http://lists.cisecurity.org/mailman/listinfo/oval_developer_lists.cisecurity.org

This message and attachments may contain confidential information. If it appears that this message was sent to you by mistake, any retention, dissemination, distribution or copying of this message and attachments is strictly prohibited. Please notify the sender immediately and permanently delete the message and any attachments.
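
The version mismatch described in the reply above can be detected before the interpreter's schema validation runs. The following is an added example, not code from this thread or from the OVAL Interpreter: it reads the `schema_version` that an OVAL definitions file declares in its `generator` block and compares it with the interpreter's version. It assumes an interpreter accepts content whose declared version is no newer than its own; the function names and the sample document are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Namespace of the common OVAL elements that appear inside <generator>.
OVAL_COMMON_NS = "http://oval.mitre.org/XMLSchema/oval-common-5"

# Constructed sample: only the generator block of a definitions file.
SAMPLE = """<oval_definitions
    xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5"
    xmlns:oval="http://oval.mitre.org/XMLSchema/oval-common-5">
  <generator>
    <oval:schema_version>5.11.1</oval:schema_version>
    <oval:timestamp>2016-02-06T00:00:00</oval:timestamp>
  </generator>
</oval_definitions>"""


def parse_version(text):
    """Turn '5.11.1' into (5, 11, 1) so versions compare numerically."""
    return tuple(int(part) for part in text.strip().split("."))


def declared_schema_version(xml_text):
    """Return the OVAL language version the content says it was written for."""
    root = ET.fromstring(xml_text)
    node = root.find(f".//{{{OVAL_COMMON_NS}}}schema_version")
    if node is None or not (node.text or "").strip():
        raise ValueError("no generator/schema_version element found")
    return node.text.strip()


def preflight(xml_text, interpreter_version):
    """Return (ok, message). Assumption: content is usable only when its
    declared version is not newer than the interpreter's version."""
    declared = declared_schema_version(xml_text)
    if parse_version(declared) > parse_version(interpreter_version):
        return False, (f"content declares OVAL {declared}, interpreter is "
                       f"{interpreter_version}: expect unknown-element "
                       f"validation errors")
    return True, f"content declares OVAL {declared}: within interpreter range"


if __name__ == "__main__":
    for version in ("5.10.1", "5.11.1"):
        print(version, preflight(SAMPLE, version))
```
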
