Generating an OCIL Results file

To incorporate server-specific answers to various manual checks into your SCAP 1.3 and 1.2 content during SCAP analysis, you can generate an Open Checklist Interactive Language (OCIL) Results file based on questions that appear in an OCIL Input file (or OCIL questionnaire).

After you generate the OCIL Results file, you can include it within your SCAP Compliance Job (through the job's Profile Selector panel).

To generate an OCIL Results file

  1. In the TrueSight Server Automation Console, select Actions > SCAP OCIL Result Generator.

  2. In the first panel of the SCAP OCIL Content Selector wizard, enter the following information, and then click Next.

    Field

    Description

    XCCDF Benchmark/OCIL File

    The input file to use for generating the OCIL Results file. Click the Browse icon and select one of the following items from a tree-like display of the Depot:

    • An imported SCAP benchmark that contains an OCIL Input file
    • A standalone OCIL Input file (in XML format) that you added manually to the depot

    Profile

    (Optional) If you specified an SCAP benchmark in the previous field, you can specify a profile from within the benchmark. In this manner, you can limit the contents of the OCIL Results file to a specific set of rules that were designed for a certain class of servers.
    For example, you might want to include only the profile for production servers, but not the profiles for development servers or testing servers.

    Export OCIL Result To (Dir)

    The path to the directory where you want to save the OCIL Results file.

  3. On the Targets panel, select the targets for which you want to enter your answers to the questions in the OCIL questionnaire. To select or remove target servers, use the arrows to move servers between the Available Targets list and the Selected Targets list. Then click Next.
  4. On the OCIL Content Generator panel, click the Questionnaire button.
    This button appears to the right of a summary of basic details about the OCIL Input file.
    After you click the Questionnaire button, details are displayed for the first question in the OCIL Input file.

  5. To enter your server-specific results in answer to the displayed question, perform the following actions:

    1. Click Start at the bottom of the panel.
      The specific question for the associated test action is displayed, along with the list of targets (to the right).
    2. For each displayed target, enter or select your server-specific answer.
    3. Click Next.

    After submitting your server-specific answers to the current question, details are displayed for the next question.

  6. Repeat step 5 for all questions in the OCIL questionnaire.
    After you finish submitting answers to all questions in the OCIL Input file, the basic details of the OCIL Input file are again displayed.
  7. After you have finished entering answers to all questions for all target servers, click Save OCIL Result File & Close (below the basic details of the OCIL Input file).
    The OCIL Results file is saved as an XML file in the specified location.

Where to go from here

To prepare the OCIL Results file for inclusion in an SCAP Compliance Job, add it manually to the depot.

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*