Fix parser of the CIS-CAT XML report #3261

Merged
merged 1 commit into from May 9, 2019

@chemamartinez
Member

commented May 7, 2019

As the issue #3256 reports, the XML parser for the CIS-CAT module was failing when the tag xccdf:TestResult is found in the report file instead of TestResult.

This PR adds this case and solves the mentioned issue.

Regards.
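The failure class described in this comment, as an added example that is not Wazuh's code and not part of the PR: a literal match on `TestResult` misses the element when the report uses the `xccdf:` prefix, while a match on the local name handles both styles. The sample reports, the simplified scanner and all function names are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Constructed sample reports (not from the PR): same results, different tag style. */
static const char *PLAIN = "<Benchmark><TestResult id=\"r1\">"
    "<rule-result idref=\"a\"><result>pass</result></rule-result>"
    "<rule-result idref=\"b\"><result>fail</result></rule-result></TestResult></Benchmark>";
static const char *PREFIXED = "<xccdf:Benchmark><xccdf:TestResult id=\"r1\">"
    "<xccdf:rule-result idref=\"a\"><xccdf:result>pass</xccdf:result></xccdf:rule-result>"
    "<xccdf:rule-result idref=\"b\"><xccdf:result>fail</xccdf:result></xccdf:rule-result>"
    "</xccdf:TestResult></xccdf:Benchmark>";

/* Assumed shape of the reported failure: a literal match on the unprefixed tag name. */
int exact_match(const char *doc) { return strstr(doc, "<TestResult") != NULL; }

/* Next start tag whose local name (after any "prefix:") equals `name`; returns a
 * pointer just past its '>' or NULL. Simplified scanner: no CDATA, no '>' in attributes. */
static const char *next_element(const char *p, const char *name) {
    size_t want = strlen(name);
    while ((p = strchr(p, '<')) != NULL) {
        const char *q = ++p;
        if (*q == '/' || *q == '?' || *q == '!') continue;   /* end tag, PI, comment */
        size_t len = strcspn(q, " \t\r\n/>");                /* qualified name length */
        const char *colon = memchr(q, ':', len);
        if (colon) { len -= (size_t)(colon + 1 - q); q = colon + 1; }  /* drop prefix */
        if (len == want && strncmp(q, name, len) == 0) {
            const char *end = strchr(q, '>');
            return end ? end + 1 : NULL;
        }
    }
    return NULL;
}

/* Count <result> elements following the TestResult start tag whose text is `outcome`.
 * Returns -1 when no TestResult element exists under any prefix. */
int count_outcome(const char *doc, const char *outcome) {
    const char *p = next_element(doc, "TestResult");
    size_t n = strlen(outcome);
    int count = 0;
    if (!p) return -1;
    while ((p = next_element(p, "result")) != NULL)
        if (strncmp(p, outcome, n) == 0 && p[n] == '<') count++;
    return count;
}

int main(void) {
    printf("literal match: plain=%d prefixed=%d\n", exact_match(PLAIN), exact_match(PREFIXED));
    printf("fail results:  plain=%d prefixed=%d\n", count_outcome(PLAIN, "fail"), count_outcome(PREFIXED, "fail"));
    return 0;
}
```

A report that silently yields no `TestResult` produces no scan summary alert, so returning a distinct value (here `-1`) for "element not found" lets the caller log the condition instead of reporting an empty scan.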

@chemamartinez chemamartinez requested a review from TJOSERAFAEL May 7, 2019

@chemamartinez chemamartinez self-assigned this May 7, 2019

@TJOSERAFAEL
Member

left a comment

@chemamartinez chemamartinez requested a review from snaow May 8, 2019

@snaow

Member

commented May 9, 2019

Make sure there are no warnings in the compilation.
Paste CISCAT output.

Thanks.

@chemamartinez

Member Author

commented May 9, 2019

Tests

  • Compilation for manager/agent/Windows

  • Scan performed for CentOS 7 agent with new changes.

Alerts received correctly:

** Alert 1557411802.433964: - ciscat,
2019 May 09 07:23:22 (centos) 192.168.0.45->wodle_cis-cat
Rule: 87422 (level 5) -> 'CIS-CAT Report overview: Score less than 80% (60%)'
{"type":"scan_info","scan_id":1221593551,"cis":{"benchmark":"CIS CentOS Linux 7 Benchmark","profile":"xccdf_org.cisecurity.benchmarks_profile_Level_1_-_Server","hostname":"localhost.localdomain","timestamp":"2019-05-04T16:04:06.607Z","pass":95,"fail":64,"error":0,"unknown":0,"notchecked":63,"score":"60%"}}
type: scan_info
scan_id: 1221593551
cis.benchmark: CIS CentOS Linux 7 Benchmark
cis.profile: xccdf_org.cisecurity.benchmarks_profile_Level_1_-_Server
cis.hostname: localhost.localdomain
cis.timestamp: 2019-05-04T16:04:06.607Z
cis.pass: 95
cis.fail: 64
cis.error: 0
cis.unknown: 0
cis.notchecked: 63
cis.score: 60%

Log output:

2019/05/04 16:04:15 wazuh-modulesd:ciscat: INFO: Starting evaluation.
2019/05/04 16:05:02 wazuh-modulesd:ciscat: INFO: Scan finished successfully. File: /root/cis-cat-full/benchmarks/CIS_CentOS_Linux_7_Benchmark_v2.1.1-xccdf.xml
2019/05/04 16:05:06 wazuh-modulesd:ciscat: INFO: Evaluation finished.

@chemamartinez chemamartinez merged commit eaa3e32 into 3.9 May 9, 2019

1 check was pending

PR_wazuh Launching Build #266

@chemamartinez chemamartinez deleted the fix-3256 branch May 9, 2019

Skeptor added a commit that referenced this pull request May 14, 2019
