Red Hat Summit이 콘텐츠는 선택한 언어로 제공되지 않습니다.
6.4. Performing Audit Scans
OpenSCAP integration in Red Hat Satellite Server provides the ability to perform audit scans on client systems. This section describes the methods available for performing these scans.
6.4.1. Using the Web Interface to Perform Audit Scans
링크 복사링크가 클립보드에 복사되었습니다!
This section describes how to use the Satellite web interface to perform audit scans.
Procedure 6.1. To Perform an Audit Scan Using the Web Interface:
- Log in to the Satellite web interface.
- Click
- Click
- Complete the
Schedule New XCCDF Scanpage. See Section 6.5.2.3, “Schedule Page” for information about the fields on this page.Warning
The XCCDF content is validated before it is run on the remote system. Specifying invalid command-line arguments can causespacewalk-oscapto fail to validate or run. Due to security concerns theoscap xccdf evalcommand only accepts a limited set of parameters.
Note
You can run the
Copy to Clipboard
Copied!
Toggle word wrap
Toggle overflow
rhn_check command to ensure that the action is being picked up by the client system.
rhn_check -vv
# rhn_check -vv
If
rhnsd or osad are running on the client system, the action will be picked up by these services. To check if they are running, run one of the following commands.
For Red Hat Enterprise Linux 5 and 6:
service rhnsd start chkconfig rhnsd on service osad start chkconfig osad on
# service rhnsd start
# chkconfig rhnsd on
OR
# service osad start
# chkconfig osad on
For Red Hat Enterprise Linux 7:
systemctl enable rhnsd systemctl start rhnsd systemctl enable osad systemctl start osad
# systemctl enable rhnsd
# systemctl start rhnsd
OR
# systemctl enable osad
# systemctl start osad
To view the results of the scan, see Section 6.4.3, “Viewing the Results of SCAP Audits”.
6.4.2. Using the API to Perform Audit Scans
링크 복사링크가 클립보드에 복사되었습니다!
This section describes how to use the Satellite API to perform audit scans.
Procedure 6.2. To Perform an Audit Scan Using the API:
- Choose an existing script or create a script for scheduling a system scan through
system.scap.scheduleXccdfScan, the front-end API, for example:Copy to Clipboard Copied! Toggle word wrap Toggle overflow Where:- 1000010001 is the
system ID (sid). /usr/local/share/scap/usgcb-rhel5desktop-xccdf.xmlis the path to the content location on the client system. In this case, it assumes USGCB content in the/usr/local/share/scapdirectory.--profile united_states_government_configuration_baselineis an additional argument to theoscapcommand. In this case, it is using the USGCB.
- Run the script on the command-line interface of any system. The system needs the appropriate Python and XML-RPC libraries installed.
Note
You can run the
Copy to Clipboard
Copied!
Toggle word wrap
Toggle overflow
rhn_check command to ensure that the action is being picked up by the client system.
rhn_check -vv
# rhn_check -vv
If
rhnsd or osad are running on the client system, the action will be picked up by these services. To check if they are running, run one of the following commands:
For Red Hat Enterprise Linux 5 and 6:
service rhnsd start chkconfig rhnsd on service osad start chkconfig osad on
# service rhnsd start
# chkconfig rhnsd on
OR
# service osad start
# chkconfig osad on
For Red Hat Enterprise Linux 7:
systemctl enable rhnsd systemctl start rhnsd systemctl enable osad systemctl start osad
# systemctl enable rhnsd
# systemctl start rhnsd
OR
# systemctl enable osad
# systemctl start osad6.4.3. Viewing the Results of SCAP Audits
링크 복사링크가 클립보드에 복사되었습니다!
There are three methods of viewing the results of finished scans:
- Using the web interface. After the scan has finished, the results are available on the page of specific system. See Section 6.5, “OpenSCAP Satellite Web Interface”.
- Using the API functions in handler
system.scap. - Using the
spacewalk-reportcommand, as follows:spacewalk-report system-history-scap spacewalk-report scap-scan spacewalk-report scap-scan-results
# spacewalk-report system-history-scap # spacewalk-report scap-scan # spacewalk-report scap-scan-resultsCopy to Clipboard Copied! Toggle word wrap Toggle overflow
'%20d='M201.5%20305.5c-13.8%200-24.9-11.1-24.9-24.6%200-13.8%2011.1-24.9%2024.9-24.9%2013.6%200%2024.6%2011.1%2024.6%2024.9%200%2013.6-11.1%2024.6-24.6%2024.6zM504%20256c0%20137-111%20248-248%20248S8%20393%208%20256%20119%208%20256%208s248%20111%20248%20248zm-132.3-41.2c-9.4%200-17.7%203.9-23.8%2010-22.4-15.5-52.6-25.5-86.1-26.6l17.4-78.3%2055.4%2012.5c0%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.3%2024.9-24.9s-11.1-24.9-24.9-24.9c-9.7%200-18%205.8-22.1%2013.8l-61.2-13.6c-3-.8-6.1%201.4-6.9%204.4l-19.1%2086.4c-33.2%201.4-63.1%2011.3-85.5%2026.8-6.1-6.4-14.7-10.2-24.1-10.2-34.9%200-46.3%2046.9-14.4%2062.8-1.1%205-1.7%2010.2-1.7%2015.5%200%2052.6%2059.2%2095.2%20132%2095.2%2073.1%200%20132.3-42.6%20132.3-95.2%200-5.3-.6-10.8-1.9-15.8%2031.3-16%2019.8-62.5-14.9-62.5zM302.8%20331c-18.2%2018.2-76.1%2017.9-93.6%200-2.2-2.2-6.1-2.2-8.3%200-2.5%202.5-2.5%206.4%200%208.6%2022.8%2022.8%2087.3%2022.8%20110.2%200%202.5-2.2%202.5-6.1%200-8.6-2.2-2.2-6.1-2.2-8.3%200zm7.7-75c-13.6%200-24.6%2011.1-24.6%2024.9%200%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.1%2024.9-24.6%200-13.8-11-24.9-24.9-24.9z'/%3e%3c/svg%3e){kind=small}