Unsupported content This version of the documentation is no longer supported. However, the documentation is available for your convenience. You will not be able to leave comments.

The OVAL component

BMC Server Automation supports the Open Vulnerability and Assessment Language (OVAL).

OVAL is an SCAP XML language for representing system configuration information, assessing machine state, and reporting assessment results. BMC Server Automation version 8.3 supports schemas for OVAL version 5.10.12 and earlier.

A proprietary OVAL interpreter based on the open-source OVAL Definition Interpreter (ovaldi) processes the OVAL tests. The OVAL interpreter is bundled with the RSCD agent, a BMC component installed on every server managed by BMC Server Automation.

OVAL content is imported into the BMC Server Automation Console as part of the SCAP data stream. The import process validates the OVAL content against its schema and captures validation errors in a log file which is accessible from the BMC Server Automation Console.

To initiate an SCAP scan, administrators create an SCAP Compliance Job. On each target server selected in the job, an OVAL interpreter performs the vulnerability processing and creates an OVAL results file that is compliant with the OVAL results schema.

The process then synthesizes the results file into a small-sized file and sends it to the BMC Server Automation Application Server. The Application Server creates the XCCDF results file from the collected results. By default, the process deletes the OVAL result files from each target server; however, administrators can configure the SCAP Compliance Jobs to retain those files.

Users can view the XCCDF results in the BMC Server Automation Console. They can also export results from the Console to an XML file. The export includes a .xslt file which enables a fully formatted view of the results in a web browser. In the browser-displayed report, users can click a specific Benchmark rule to view details about the rule, including OVAL IDs associated with the rule. Each listed OVAL ID is an active link to the specific web page about that test on http://oval.mitre.org.

For a list of probes supported by ovaldi, see the Probes Supported by OVAL Definition Interpreter (ovaldi).

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*