Closed ejaronne closed 3 years ago
There were also a couple fixes to the standard stig json as well correct that we identified. May as well just keep it in a clean PR
Also, see email on reply from the DISA Emass folks confirming our discovery on the required data vs the meta-data.
from the email we recieved: "Additionally, we did confirm that asset matching criteria is checking against Host Name, MAC Address, and IP Address." so by default we should encourge users to provide this info when we create a ckl.
I think the nessus scan may have some of this meta-data by default
@aaronlippold @ejaronne
I have a fix for populating rid (parsed from Nessus' Rule-ID) CCI (array from Nessus' CCI) Stig_id (from Neuss' STIG-ID)
However as you know these only exists for the STIG based check entries in the Nessus file... not the plugin based checks
A .nessus could have both plugin and stig based checks...
When we developed the mapper we chose to map both kinds to the hdf file...
would the ingester fail if some controls dont have CCIs,Stig_id,rid?
Well I guess we would have to say somthing like x=vlaue unless x.nil?
Add the following HDF tags to output:
These are crucial to allow inspec2ckl to form proper .ckl files
Example data to parse in a .nessus xml: