mitre / heimdall_tools

DEPRECATED: A set of utilities for converting and working with compliance data for viewing in the heimdall applications
https://heimdall-tools.mitre.org

Add fields to Nessus STIG compliance mapper #101

Closed ejaronne closed 3 years ago

ejaronne commented 3 years ago

Add the following HDF tags to output:

These are crucial to allow inspec2ckl to form proper .ckl files.

Example data to parse in a .nessus xml:

800-171|3.13.8,800-53|SC-8,800-53|SC-8(1),CAT|II,**_CCI|CCI-002418,CCI|CCI-002421_**,CN-L3|8.1.2.2(a),CN-L3|8.1.2.2(b),CN-L3|8.1.4.7(a),CN-L3|8.1.4.8(a),CN-L3|8.2.4.5(c),CN-L3|8.2.4.5(d),CN-L3|8.5.2.2,CSCv6|13,CSF|PR.DS-2,CSF|PR.DS-5,ISO/IEC-27001|A.10.1.1,ISO/IEC-27001|A.13.2.3,ITSG-33|SC-8,ITSG-33|SC-8(1),ITSG-33|SC-8a.,NESA|T4.3.1,NESA|T4.3.2,NESA|T4.5.1,NESA|T4.5.2,NESA|T7.3.3,NESA|T7.4.1,NIAv2|IE8,NIAv2|IE9,NIAv2|IE12,NIAv2|NS5d,NIAv2|NS6b,NIAv2|NS29,NIAv2|SS24,QCSC-v1|5.2.2,QCSC-v1|6.2,**_Rule-ID|SV-220915r569187_rule_**,**_STIG-ID|WN10-SO-000040_**,SWIFT-CSCv1|2.1,TBA-FIISB|29.1,Vuln-ID|V-220915
aaronlippold commented 3 years ago

There were also a couple of fixes to the standard STIG JSON as well, correct, that we identified. May as well just keep it in a clean PR.

aaronlippold commented 3 years ago

Also, see the email reply from the DISA eMASS folks confirming our discovery on the required data vs. the metadata.

aaronlippold commented 3 years ago

From the email we received: "Additionally, we did confirm that asset matching criteria is checking against Host Name, MAC Address, and IP Address." So by default we should encourage users to provide this info when we create a ckl.

aaronlippold commented 3 years ago

I think the nessus scan may have some of this meta-data by default

rx294 commented 3 years ago

@aaronlippold @ejaronne

I have a fix for populating rid (parsed from Nessus' Rule-ID), CCI (array from Nessus' CCI), and Stig_id (from Nessus' STIG-ID).

However, as you know, these only exist for the STIG-based check entries in the Nessus file, not the plugin-based checks.

A .nessus could have both plugin- and STIG-based checks...

When we developed the mapper we chose to map both kinds to the hdf file...

Would the ingester fail if some controls don't have CCIs, Stig_id, rid?

aaronlippold commented 3 years ago

Well, I guess we would have to say something like x=value unless x.nil?
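As an added example (not heimdall_tools' own mapper code), here is the parsing rx294 describes, run over the reference string ejaronne quoted above, together with the nil guard aaronlippold suggests so plugin-based checks without STIG metadata do not break the output. The rid, stig_id and cci names follow the thread; mapping Vuln-ID to gid is an assumption.

```ruby
# Constructed sample built from the reference string quoted in the issue
# (markdown emphasis markers removed, shortened to the relevant families).
STIG_REFS = '800-171|3.13.8,800-53|SC-8,800-53|SC-8(1),CAT|II,CCI|CCI-002418,' \
            'CCI|CCI-002421,CSF|PR.DS-2,Rule-ID|SV-220915r569187_rule,' \
            'STIG-ID|WN10-SO-000040,Vuln-ID|V-220915'.freeze

# Constructed sample of a plugin-based check: no Rule-ID, STIG-ID or CCI.
PLUGIN_REFS = 'CSF|PR.DS-5,800-53|SC-8'.freeze

# Split "FAMILY|VALUE,FAMILY|VALUE,..." into { family => [values] }.
# Entries without a pipe are skipped; nil input yields an empty hash.
def parse_refs(refs)
  refs.to_s.split(',').each_with_object({}) do |entry, acc|
    family, value = entry.split('|', 2)
    next if family.nil? || value.nil?
    (acc[family.strip] ||= []) << value.strip
  end
end

# Build the HDF tag fields discussed in the thread. Single-valued fields are
# nil and cci is [] when the check carries no STIG metadata, so callers can
# guard with `unless x.nil?` as suggested above.
def hdf_tags(refs)
  parsed = parse_refs(refs)
  {
    rid: parsed.fetch('Rule-ID', []).first,
    stig_id: parsed.fetch('STIG-ID', []).first,
    gid: parsed.fetch('Vuln-ID', []).first, # assumption: Vuln-ID -> gid
    cci: parsed.fetch('CCI', [])
  }
end

# Merge only the fields that are present, so a plugin-based check keeps the
# tags it already had instead of being overwritten with nil / [].
def merge_stig_tags(control_tags, refs)
  hdf_tags(refs).each_with_object(control_tags.dup) do |(key, value), acc|
    next if value.nil? || (value.respond_to?(:empty?) && value.empty?)
    acc[key] = value
  end
end
```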