search

paulewog / language-nasl

MIT License
1 stars 2 forks source link

Missing Unix Configuration Keywords #2

Open jamccormack opened 5 years ago

jamccormack commented 5 years ago

When editing published compliance audit policies there are errors. https://www.tenable.com/downloads/cis-compliance-audit-policies

Unix Configuration Keywords https://docs.tenable.com/nessus/compliancechecksreference/Content/UnixConfigurationKeywords.htm

Using CIS_Ubuntu_16.04_LTS_Server_v1.1.0_L1.audit as an example. The following keywords are missing:

severity : (LOW,MEDIUM,HIGH) Line: 498 Documentation: https://docs.tenable.com/nessus/compliancechecksreference/Content/UnixConfigurationKeywords.htm

owner : "" Line: 551 Documentation: https://docs.tenable.com/nessus/compliancechecksreference/Content/UnixFILE_CHECK.htm

mask : "" Line: 552 Documentation: https://docs.tenable.com/nessus/compliancechecksreference/Content/UnixFILE_CHECK.htm

mode : Line: Not in current file but is used in the same section as mask in a FILE_CHECK Documentation: https://docs.tenable.com/nessus/compliancechecksreference/Content/UnixFILE_CHECK.htm

group : "" Line: 553 Documentation: https://docs.tenable.com/nessus/compliancechecksreference/Content/UnixFILE_CHECK.htm

content : Line: 706 Note: Variable in BANNER_CHECK

is_substring: (YES,NO) Line: 706 Note: Variable in BANNER_CHECK

service : "" Line: 975 Documentation: https://docs.tenable.com/nessus/compliancechecksreference/Content/UnixXINETD_SVC.htm https://docs.tenable.com/nessus/compliancechecksreference/Content/UnixConfigurationKeywords.htm

status : (ON,OFF) Line: 976 Documentation: https://docs.tenable.com/nessus/compliancechecksreference/Content/UnixXINETD_SVC.htm https://docs.tenable.com/nessus/compliancechecksreference/Content/UnixConfigurationKeywords.htm

file_required: (YES, NO) Line: 1002 Documentation: https://docs.tenable.com/nessus/compliancechecksreference/Content/UnixConfigurationKeywords.htm

string_required: (YES, NO) Line: 1003 Documentation: https://docs.tenable.com/nessus/compliancechecksreference/Content/UnixConfigurationKeywords.htm

name: "" Line: 4644 Documentation: https://docs.tenable.com/nessus/compliancechecksreference/Content/UnixConfigurationKeywords.htm

jamccormack commented 5 years ago

Updating Line 110 in "tns audit.cson" to read match: "^\\s*(audit_policy_subcategory|reg_key|reg_item|reg_ignore_hku_users|wmi_key|wmi_attribute|wmi_request|wmi_namespace|required|aws_action|systemvalue|system|file_extension|file|info|cmd|solution|type|see_also|item|value_type|regex_replace|max_size|only_show|known_good|request|severity|owner|mask|mode|group|content|is_substring|service|status|file_required|file_required|string_required|name)\\s*:\\s*"

Resolves most of the keyword issues but I do not know how to fix the ones that are not strings

jamccormack commented 5 years ago

Updated Line 104 in "tns audit.cson" to read match: "(?<=\\s)(NO|YES|NULL|LOW|MEDIUM|HIGH|ON|OFF)(?=[\\s\\,])"