Académique Documents
Professionnel Documents
Culture Documents
STIG provides the SQL to run which we will use to build a custom
This example will use a real check from the Department of Defense
Example Overview
Explanation of check.
No
Yes
Compliance
Rule Exists?
Yes
Required
Data Collected?
No
Create Custom
Compliance Rule
Extend Target
Using Configuration
Extension
Add Compliance
Rule to Compliance
Standard
Answer = No
Answer = No
a)
a)
3.
2.
1.
Only return 1 column. If you want to see more than 1 item then
Perform the actual check for violations ON the agent and only return
Go to Enterprise->Configuration->Configuration Extensions
Click Create
10
Enter Name. Select Target Type, Sample Target and Creds. Click Add.
11
12
13
Click Save
14
Deploy to Targets
15
Click Add
16
17
Click Save
18
19
20
21
22
Go to Compliance->Library
23
24
25
26
27
28
29
Click Search
30
31
32
Enter conditions
33
Choose a target
34
35
Run Test
36
Click Close
37
38
39
Rule Created.
Confirm creation
40
41
42
43
44
45
Change Importance
46
Associate Targets
47
Click Add
Add targets
48
49
Click OK.
50
Click YES
Confirm message
51
View Results
52
53
View Summary
54
Select Rule. Select Violation Events Tab. Select a Violation to see details.
55
We could have
entered a
recommendation on
how to address the
violation in the rule
which would show
here.
56
Example
End
57
58
Command
SQL Based
If not, you must create custom monitoring credentials for target type
File Based
59
60
61
62
63
Cancel Creation
64
Setup->Security->Monitoring Credentials
65
66
67
68