We want that Atomic scan stdout is similar to stdout are produced by oscap xccdf eval, we would like to
add XCCDF IDs and CCEs there, and maybe something more.
This needs to be implemented on openscap-daemon side. The Daemon saves its results to a JSON. However, there is only rule name, severity, and XCCDF result. It looks easy to add XCCDF IDs and CCEs, because we already parse ARF to get the results.
Note: We have to realise we can't add to our output passed rules (or not applicable rules), because Atomic is designed to report only findings and vulnerabilities. Atomic scan doesn't report passed checks. Atomic scan is universal interface, used by other scanners, so we shouldn't break it.
We want that Atomic scan stdout is similar to stdout are produced by
oscap xccdf eval
, we would like to add XCCDF IDs and CCEs there, and maybe something more.This needs to be implemented on openscap-daemon side. The Daemon saves its results to a JSON. However, there is only rule name, severity, and XCCDF result. It looks easy to add XCCDF IDs and CCEs, because we already parse ARF to get the results.
Note: We have to realise we can't add to our output passed rules (or not applicable rules), because Atomic is designed to report only findings and vulnerabilities. Atomic scan doesn't report passed checks. Atomic scan is universal interface, used by other scanners, so we shouldn't break it.