Feature #23734
open
Added by marcio costa over 6 years ago.
Updated over 6 years ago.
Description
Hello!
I have a question about the global status of the host: after retrieve the scap reports from the host, if the host is not compliant I see in red color: Compliance -> Incompliant (no problem, the host is not compliant yet); but my question is if the host's global status could be a warning and not an error (Status -> Error).
An error may prevent host operation, but the result of the oscap scanner does not, then I think the global status message can be a warning, not an error.
I wait for any comment on this.
Thank you by the attention.
I think that violation of openscap policy should be considered as a serious issue, therefore red. If there are some rules, that are acceptable to be ignored, I'd recommend using tailoring file to disable such rules.
I can imagine new setting, that could customize the behavior, but I'd prefer to keep global status red, unless there's good reason for yellow.
A new configuration for this would be very useful, if the customer can configure the behavior.
I questioned this because we have multiple hosts, all 'green' and working. With the initial deployment of oscap, we would not want to see all 'red' because they are not yet 100% compliant with oscap, because red could actually indicate another more serious fault.
Using a tailoring file with the rules does not become such a practical task when using the available on the web. :)
Thank you for the explanations.
- Tracker changed from Support to Feature
- Bugzilla link set to 1589728
Also available in: Atom
PDF
Updated by 
Updated by