Skip to content
This repository has been archived by the owner on Jan 10, 2025. It is now read-only.

Latest commit

 

History

History
136 lines (93 loc) · 4.9 KB

README.md

File metadata and controls

136 lines (93 loc) · 4.9 KB

Scripts

This folder contains scripts that can be used:

Status: Work in Progress

Please note: this documentation is a work in progress. If you have questions or suggestions, please create an issue with a full description of your question or idea.

Related Resources

Prerequisites

Before you can get started using these scripts, you will need to:

Notes

  • You must run these scripts from within a repo: These scripts are intended to be run from within a copy of this repository that was retrieved using git (i.e. a git clone). If you've followed the instructions for getting a local copy of the repository, then you're all set. But, if you have downloaded a zip of the content or moved the scripts outside of your local copy of the repo, these scripts will not work properly.

Getting Help, Making Suggestions

If you need help using these scripts, please post your questions to the OVAL Repository Mailing List.

If you encounter a bug or have ideas for improving these scripts, please create an issue with a full description of your bug or idea.

Scripts for Content Use

Once you have a local copy of the repository and the scripting prerequisites in place, you're ready to build your own content!

build_oval_definitions_file.py

Use this script to search the repository for the content you want and compile it into an OVAL definitions file you can run.

# First, make sure you have the lastest content & scripts
$ git pull origin master

# Compile all Windows vulnerability definitions into all.windows.vulnerability.xml
$ python3 build_oval_definitions_file.py -o all.windows.vulnerability.xml --family windows --class vulnerability

# Compile all UNIX definitions related to CVE-2014-6509 into CVE.2014.6509.xml
$ python3 build_oval_definitions_file.py -o CVE.2014.6509.xml --family unix --reference_id "CVE-2014-6509"

# See script usage and options
$ python3 build_oval_definitions_file.py -h

Scripts for Content Contribution

Before using these scripts to contribute content, you must have a local copy of the repository,
install the scripting prerequisites and review the content contribution process & guidelines.

oval_decomposition.py

If your submission is a complete OVAL definitions file, you should use this script to extract its component elements and store those elements in the appropriate places in the repository file structure.

# extract elements in my.oval.defintions.file.xml and insert them into the repository
$ python3 oval_decomposition.py -f my.oval.defintions.file.xml

# See script usage and options
$ python3 oval_decomposition.py -h

build_oval_definitions_file.py

If your submission includes updates to elements in the repository, you can use this script to compile those elements into an OVAL definitions file that you can test and validate.

# Compile oval:com.mysite.oval:def:1 into 1.xml and schema validate it
$ python3 build_oval_definitions_file.py -o 1.xml --definition_id="oval:com.mysite.oval:def:1" -v

# See script usage and options
$ python3 build_oval_definitions_file.py -h

validate_oval_definitions_files.py

Schema and schematron validate one or more OVAL definitions files.

# See script usage and options
$ python3 validate_oval_definitions_files.py -h

get_related_elements.py

Get OVAL elements that are related to one or more elements.

# See script usage and options
$ python3 get_related_elements.py -h

Scripts for Content Maintainance

get_repository_stats.py

Get OVAL elements that are related to one or more elements.

# See script usage and options
$ python3 web_get_repository_stats.py -h