New in version 3.1.0.
Configuration options of the CIS-CAT wodle.
Warning
CIS-CAT is not installed by default. It is a proprietary software that you have to obtain for using this module.
Options |
Allowed values |
|---|---|
yes, no |
|
A positive number (seconds) |
|
A positive number |
|
yes, no |
|
Any valid path |
|
Any valid path |
|
N/A |
Disables the CIS-CAT wodle.
Default value |
no |
Allowed values |
yes, no |
Timeout for each evaluation.
Default value |
1800 |
Allowed values |
A positive number (seconds) |
Interval between CIS-CAT executions.
Default value |
1d |
Allowed values |
A positive number that should contain a suffix character indicating a time unit, such as, s (seconds), m (minutes), h (hours), d (days). |
Run evaluation immediately when service is started.
Default value |
yes |
Allowed values |
yes, no |
Define where Java is located. If this parameter is not set, the wodle will seach for the Java location in the default environment variable $PATH.
Default value |
/usr/bin |
Allowed values |
Any valid path. |
Define where CIS-CAT is located.
Default value |
/var/ossec/wodles/ciscat |
Allowed values |
Any valid path. |
Define an evaluation. At present, you can only run assessments for XCCDF policy files.
Attributes
type |
Select content type. |
path |
Use the specified policy file. Default path: |
timeout |
Timeout for the evaluation (in seconds). Use of this attribute overwrites the generic timeout. |
profile |
Select profile. |
<wodle name="cis-cat">
<disabled>no</disabled>
<timeout>1800</timeout>
<interval>1d</interval>
<scan-on-start>yes</scan-on-start>
<java_path>/usr/bin</java_path>
<ciscat_path>/var/ossec/wodles/ciscat</ciscat_path>
<content type="xccdf" path="benchmarks/CIS_Ubuntu_Linux_16.04_LTS_Benchmark_v1.0.0-xccdf.xml">
<profile>xccdf_org.cisecurity.benchmarks_profile_Level_2_-_Server</profile>
</content>
</wodle>