OSCAP:(8)
NAME
oscap - OpenSCAP command line tool
SYNOPSIS
oscap [general-options] module operation [operation-options-and-argu- ments]
DESCRIPTION
oscap is Security Content Automation Protocol (SCAP) toolkit based on
OpenSCAP library. It provides various functions for different SCAP
specifications(modules).
GENERAL OPTIONS
- -V, --version
- SCAP specification supported by the module.
- -q, --quiet
- No output for certain operations, only return code.
- -h, --help
- Help screen.
MODULES
oval Open Vulnerability and Assessment Language.
xccdf The eXtensible Configuration Checklist Description Format.
OVAL OPERATIONS
- collect oval-definitions-file
- Probe the system and gather system characteristics for objects in OVAL Definition file. Print output (OVAL System Characteristic) to standart output.
- eval [options] oval-definitions-file
- Probe the system and evaluate all definitions from OVAL Definition file. Print result of each definition to standard output. oscap returns 0 if all definitions pass. If there is an error during evaluation, the return code is 1. If there is at least one failed result definition, oscap-scan finishes with return code 2.
- --result-file FILE
- Write OVAL Results into file.
XCCDF OPERATIONS
- eval [options] oval-definitions-file xccdf-file
- Perform evaluation driven by XCCDF file and use OVAL as checking engine. Print result of each rule to standard output. oscap returns 0 if all rules pass. If there is an error during evaluation, the return code is 1. If there is at least one failed rule, oscap-scan finishes with return code 2.
- --profile PROFILE
- Select profile from XCCDF document, otherwise the first profile is used.
- --result-file FILE
- Write XCCDF results into file.
AUTHOR
- Peter Vrabec <pvrabec@redhat.com>