search

thezim / posh-stig

PowerShell module for DISA Security Technical Implementation Guides (STIGs) checklists.
4 stars 1 forks source link

Cannot pass multiple checklists. #12

Closed thezim closed 7 years ago

thezim commented 7 years ago

Moved from #11 from @samerrill613

@thezim I am able to convert a single checklist but when I try to pass multiple checklist files using the syntax in the readme.md I get the following error (note the ~ on the 2nd line lines up under the , :

If I put quotes around the checklist names I get the following error: Import-Checklist : Cannot process argument transformation on parameter 'Path'. Cannot convert value to type System.String. At C:\Users\merrills\Documents\STIG2CSV2.ps1:3 char:36

thezim commented 7 years ago

@samerrill613 Passing an array of strings is broken. Passing from the pipe does work however as temporary workaround. We'll look in to the issue.

PS /Users/thezim> Get-Item ./iis.ckl, ./chrome.ckl | Import-Checklist                                                    

Asset           : @{HostGUID=; HostMAC=; TechArea=; HostIP=; TargetKey=; HostName=; HostFQDN=; AssetType=Computing}
StigId          : IIS_7.0_WEB_SERVER_BENCHMARK
Description     : &ltProfileDescription&gt&lt/ProfileDescription&gt
CustomName      : 
Title           : IIS 7.0 WEB SERVER STIG
Source          : STIG.DOD.MIL
Classification  : UNCLASSIFIED
Notice          : terms-of-use
Version         : 1
UUID            : a40840a0-37df-4d6e-8520-11d0d3cf7574
ReleaseInfo     : Release: 10 Benchmark Date: 22 Apr 2016
Filename        : U_IIS_7-0_Server_V1R10_Manual-xccdf.xml
Vulnerabilities : {@{Comments=; SeverityOverride=; SeverityJustification=; Data=; Status=Not_Reviewed; FindingDetails=}, @{Comments
                  =; SeverityOverride=; SeverityJustification=; Data=; Status=Not_Reviewed; FindingDetails=}, @{Comments=; Severity
                  Override=; SeverityJustification=; Data=; Status=Not_Reviewed; FindingDetails=}, @{Comments=; SeverityOverride=; 
                  SeverityJustification=; Data=; Status=Not_Reviewed; FindingDetails=}...}

Asset           : @{HostGUID=; HostMAC=; TechArea=; HostIP=; TargetKey=; HostName=; HostFQDN=; AssetType=Computing}
StigId          : Google_Chrome_Current_Windows
Description     : The Google Chrome Security Technical Implementation Guide (STIG) is published as a tool to improve the security o
                  f Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent
                   via e-mail to the following address: disa.stig_spt@mail.mil
CustomName      : 
Title           : Google Chrome Current Windows STIG
Source          : STIG.DOD.MIL
Classification  : UNCLASSIFIED
Notice          : terms-of-use
Version         : 1
UUID            : 31aac31d-7208-4991-83f3-e7f4d9654c42
ReleaseInfo     : Release: 7 Benchmark Date: 01 Dec 2016
Filename        : U_Google_Chrome_Browser_V1R7_Manual-xccdf.xml
Vulnerabilities : {@{Comments=; SeverityOverride=; SeverityJustification=; Data=; Status=Not_Reviewed; FindingDetails=}, @{Comments
                  =; SeverityOverride=; SeverityJustification=; Data=; Status=Not_Reviewed; FindingDetails=}, @{Comments=; Severity
                  Override=; SeverityJustification=; Data=; Status=Not_Reviewed; FindingDetails=}, @{Comments=; SeverityOverride=; 
                  SeverityJustification=; Data=; Status=Not_Reviewed; FindingDetails=}...}
thezim commented 7 years ago

@krylon What do you think about support for -Path @("somefile", "someotherfile"). With an array it will lead to a special condition in the Process code. I've looked at a some cmdlets in the PowerShell repo and could not find the pattern of allowing an array for for a parameter where ValueFromPipeline=$true. The following syntax provides the same functionality.

@("./chrome.ckl", "./iis.ckl") | Import-Checklist

As -Path @() has never worked I'd be inclined to remove it from the documentation and replace it with the above example.

thezim commented 7 years ago

Documentation has been updated (95d10b8) to reflect only using the pipeline method for multiple checklist.