|
 |
9319e0 |
diff --git a/utils/oscap.8 b/utils/oscap.8
|
|
|
9319e0 |
index 2cec5e6c8..55110689e 100644
|
|
|
9319e0 |
--- a/utils/oscap.8
|
|
|
9319e0 |
+++ b/utils/oscap.8
|
|
|
9319e0 |
@@ -1,4 +1,4 @@
|
|
|
9319e0 |
-.TH OSCAP "8" "March 2017" "Red Hat" "System Administration Utilities"
|
|
|
9319e0 |
+.TH OSCAP "8" "October 2018" "Red Hat" "System Administration Utilities"
|
|
|
9319e0 |
|
|
|
9319e0 |
.SH NAME
|
|
|
9319e0 |
oscap \- OpenSCAP command line tool
|
|
|
9319e0 |
@@ -15,7 +15,7 @@ OpenSCAP tool claims to provide capabilities of Authenticated Configuration Scan
|
|
|
9319e0 |
.SH GENERAL OPTIONS
|
|
|
9319e0 |
.TP
|
|
|
9319e0 |
\fB\-V, -\-version\fR
|
|
|
9319e0 |
-Print supported SCAP specification, location of schema files, schematron files, CPE files, probes and supported OVAL objects.
|
|
|
9319e0 |
+Print supported SCAP specifications, location of schema files, schematron files, CPE files, probes and supported OVAL objects.
|
|
|
9319e0 |
Displays a list of inbuilt CPE names.
|
|
|
9319e0 |
.TP
|
|
|
9319e0 |
\fB\-h, \-\-help\fR
|
|
|
9319e0 |
@@ -48,7 +48,7 @@ Common Vulnerabilities and Exposures
|
|
|
9319e0 |
.TP
|
|
|
9319e0 |
[\fIoptions\fR] any-scap-file.xml
|
|
|
9319e0 |
.RS
|
|
|
9319e0 |
-This module prints information about SCAP content in a file specified on a command line. It determines SCAP content type, specification version, date of creation, date of import and so on. Info module doesn't require any additional opperation switch.
|
|
|
9319e0 |
+This module prints information about SCAP content in a file specified on a command line. It determines SCAP content type, specification version, date of creation, date of import and so on. Info module doesn't require any additional operation switch.
|
|
|
9319e0 |
|
|
|
9319e0 |
For XCCDF or Datastream files, info module prints out IDs of incorporated profiles, components, and datastreams. These IDs can be used to specify the target for evaluation. Use options --profile, --xccdf-id (or --oval-id), and --datastream-id respectively.
|
|
|
9319e0 |
.PP
|
|
|
9319e0 |
@@ -118,7 +118,8 @@ Writes results to a given FILE in Asset Reporting Format. It is recommended to u
|
|
|
9319e0 |
.TP
|
|
|
9319e0 |
\fB\-\-stig-viewer FILE\fR
|
|
|
9319e0 |
.RS
|
|
|
9319e0 |
-Writes XCCDF results into FILE in a format readable by DISA STIG Viewer. See \fIhttp://iase.disa.mil/stigs/Pages/stig-viewing-guidance.aspx\f.
|
|
|
9319e0 |
+Writes XCCDF results into FILE in a format readable by DISA STIG Viewer. See \fIhttp://iase.disa.mil/stigs/Pages/stig-viewing-guidance.aspx\fR.
|
|
|
9319e0 |
+This option should be used to generate results for DISA STIG Viewer older than 2.6. To use DISA STIG Viewer 2.6 or newer, use \fB\-\-results\fR instead.
|
|
|
9319e0 |
.RE
|
|
|
9319e0 |
.TP
|
|
|
9319e0 |
\fB\-\-thin-results\fR
|
|
|
9319e0 |
@@ -133,7 +134,7 @@ Don't provide system characteristics in OVAL/ARF result files.
|
|
|
9319e0 |
.TP
|
|
|
9319e0 |
\fB\-\-report FILE\fR
|
|
|
9319e0 |
.RS
|
|
|
9319e0 |
-Write HTML report into FILE. You also have to specify --results for this feature to work. Please see --oval-results to enable additional information in the report.
|
|
|
9319e0 |
+Write HTML report into FILE. Add \fB\-\-oval-results\fR to enable detailed information in the report.
|
|
|
9319e0 |
.RE
|
|
|
9319e0 |
.TP
|
|
|
9319e0 |
\fB\-\-oval-results\fR
|
|
|
9319e0 |
@@ -228,12 +233,13 @@ Writes results to a given FILE in Asset Reporting Format. It is recommended to u
|
|
|
9319e0 |
.TP
|
|
|
9319e0 |
\fB\-\-stig-viewer FILE\fR
|
|
|
9319e0 |
.RS
|
|
|
9319e0 |
-Writes XCCDF results into FILE in a format readable by DISA STIG Viewer. See \fIhttp://iase.disa.mil/stigs/Pages/stig-viewing-guidance.aspx\f.
|
|
|
9319e0 |
+Writes XCCDF results into FILE in a format readable by DISA STIG Viewer. See \fIhttp://iase.disa.mil/stigs/Pages/stig-viewing-guidance.aspx\fR.
|
|
|
9319e0 |
+This option should be used to generate results for DISA STIG Viewer older than 2.6. To use DISA STIG Viewer 2.6 or newer, use \fB\-\-results\fR instead.
|
|
|
9319e0 |
.RE
|
|
|
9319e0 |
.TP
|
|
|
9319e0 |
\fB\-\-report FILE\fR
|
|
|
9319e0 |
.RS
|
|
|
9319e0 |
-Write HTML report into FILE. You also have to specify --results for this feature to work.
|
|
|
9319e0 |
+Write HTML report into FILE. Add \fB\-\-oval-results\fR to enable detailed information in the report.
|
|
|
9319e0 |
.RE
|
|
|
9319e0 |
.TP
|
|
|
9319e0 |
\fB\-\-oval-results\fR
|
|
|
9319e0 |
@@ -250,6 +256,11 @@ After evaluation is finished, each loaded check engine plugin is asked to export
|
|
|
9319e0 |
.RS
|
|
|
9319e0 |
Generate OVAL Variables documents which contain external variables' values that were provided to the OVAL checking engine during evaluation. The filename format is '\fIoriginal-oval-definitions-filename\fR-\fIsession-index\fR.variables-\fIvariables-index\fR.xml'.
|
|
|
9319e0 |
.RE
|
|
|
9319e0 |
+.TP
|
|
|
9319e0 |
+\fB\-\-progress\fR
|
|
|
9319e0 |
+.RS
|
|
|
9319e0 |
+Switch to sparse output suitable for progress reporting. Format of the output is "$rule_id:$result\\n".
|
|
|
9319e0 |
+.RE
|
|
|
9319e0 |
.RE
|
|
|
9319e0 |
.TP
|
|
|
9319e0 |
.B resolve\fR -o output-file xccdf-file
|
|
|
9319e0 |
@@ -315,18 +326,21 @@ Available submodules:
|
|
|
9319e0 |
.TP
|
|
|
9319e0 |
.B \fBguide\fR [\fIoptions\fR] xccdf-file
|
|
|
9319e0 |
.RS
|
|
|
9319e0 |
-Generate a formatted document containing a security guide from a XCCDF Benchmark. Unless the --output option is specified it will be written to the standard output. Without profile being set only groups (not rules) will be included in the output.
|
|
|
9319e0 |
+Generate a HTML document containing a security guide from an XCCDF Benchmark. Unless the --output option is specified it will be written to the standard output. Without profile being set only groups (not rules) will be included in the output.
|
|
|
9319e0 |
.TP
|
|
|
9319e0 |
\fB\-\-output FILE\fR
|
|
|
9319e0 |
Write the guide to this file instead of standard output.
|
|
|
9319e0 |
.TP
|
|
|
9319e0 |
\fB\-\-hide-profile-info\fR
|
|
|
9319e0 |
Information on chosen profile (e.g. rules selected by the profile) will be excluded from the document.
|
|
|
9319e0 |
+.TP
|
|
|
9319e0 |
+\fB\-\-benchmark-id ID\fR
|
|
|
9319e0 |
+Selects a component ref from any datastream that references a component with XCCDF Benchmark such that its @id attribute matches given string exactly.
|
|
|
9319e0 |
.RE
|
|
|
9319e0 |
.TP
|
|
|
9319e0 |
.B \fBreport\fR [\fIoptions\fR] xccdf-file
|
|
|
9319e0 |
.RS
|
|
|
9319e0 |
-Generate a document containing results of a XCCDF Benchmark execution. Unless the --output option is specified it will be written to the standard output. ID of the TestResult element to visualise defaults to the most recent result (according to the end-time attribute).
|
|
|
9319e0 |
+Generate a HTML document containing results of an XCCDF Benchmark execution. Unless the --output option is specified it will be written to the standard output.
|
|
|
9319e0 |
.TP
|
|
|
9319e0 |
\fB\-\-output FILE\fR
|
|
|
9319e0 |
Write the report to this file instead of standard output.
|
|
|
9319e0 |
@@ -417,19 +431,14 @@ Write OVAL Results into file.
|
|
|
9319e0 |
Create human readable (HTML) report from OVAL Results.
|
|
|
9319e0 |
.TP
|
|
|
9319e0 |
\fB\-\-datastream-id ID\fR
|
|
|
9319e0 |
-.RS
|
|
|
9319e0 |
Uses a datastream with that particular ID from the given datastream collection. If not given the first datastream is used. Only applies if you give source datastream in place of an OVAL file.
|
|
|
9319e0 |
-.RE
|
|
|
9319e0 |
.TP
|
|
|
9319e0 |
\fB\-\-oval-id ID\fR
|
|
|
9319e0 |
-.RS
|
|
|
9319e0 |
Takes component ref with given ID from checks. This allows to select a particular OVAL component even in cases where there are 2 OVALs in one datastream.
|
|
|
9319e0 |
-.RE
|
|
|
9319e0 |
.TP
|
|
|
9319e0 |
\fB\-\-skip-valid\fR
|
|
|
9319e0 |
Do not validate input/output files.
|
|
|
9319e0 |
.TP
|
|
|
9319e0 |
-.RE
|
|
|
9319e0 |
\fB\-\-fetch-remote-resources\fR
|
|
|
9319e0 |
Allow download of remote components referenced from Datastream.
|
|
|
9319e0 |
.RE
|