I've created a custom security checklist configuration site where I included some of the fixlets from "DISA STIG Checklist for Red Hat 4".
Next to that, I run fixlet "Deploy and Run Security Checklist RedHat 4" (from my new checklist) and then Red Hat clients automatically create, under '/var/opt/BESClient/__BESData/CustomSite_MyChecklist/', a directory structure where it stores data gathered from the server for those specific fixlets I included in my custom checklist.
Looking at the actions from fixlet "Deploy and Run Security Checklist RedHat 4" I see it creates and runs several scripts with info gathered from properties 'x-fixlet-remediate-scripts' and 'x-fixlet-detect-scripts' that are saved on each existing fixlet.
I think I understand how it works. It tooks the fixlet detect and remediate scripts data from those properties and saves it on '/var/opt/BESClient/__BESData/CustomSite_MyChecklist/SCM/Linux/4' (using base64.decode) and then the fixlets use those scripts for remediation and detection.
Now I want to create my custom fixlet with the posibility to work with the same concept, and here is where I crash.
I can't find where should I define the properties 'x-fixlet-remediate-scripts' and 'x-fixlet-detect-scripts' in my custom fixlets (with my scripts data), so when the deploy fixlet reads them, it can create my custom scripts for my specific fixlets.
Is it possible?
Is there any documentation about it?
Thanks in advance.
This topic has been locked.
Pinned topic Customizing Security Checklists
Answered question This question has been answered.
Unanswered question This question has not been answered yet.
Re: Customizing Security Checklists2012-04-10T18:27:19ZThis is the accepted answer. This is the accepted answer.Here is a document that has been prepared to help you create your own custom Unix SCM fixlets that work within the existing framework.
if you need aditional help after reading the documentation I am available to answer questions
Mobile: 650-235-0776 GMT-7
LeoCiociano 27000211HY2 Posts
Re: Customizing Security Checklists2012-04-10T18:52:22ZThis is the accepted answer. This is the accepted answer.Hi Jeff,
Thanks for your answer. I've read the document you told me, but it doesn't say anything about how to edit this metadata.
Looking around, I found out that if I export the fixlet, I'm able to edit its content (the metadata) and then import it again. I didn't try it yet, I'm on testing phase, hope it works.
My question is,
Is this the right procedure?.
Is there any other way to edit these parameters?.
Does TEM console allow me to edit the metadata?.
Is this procedure supported by the application?.
Eric Walker 270004GTCX34 Posts
Re: Customizing Security Checklists2012-06-06T16:38:22ZThis is the accepted answer. This is the accepted answer.
- LeoCiociano 27000211HY
The only supported way to customize SCM content at this time is through the copy wizard that has just been released. In addition, some wizards will soon be available in BigFix labs which will help to make new checks.
In order to make modifications or create new content at the level of detail mentioned in the link that was provided, for the moment you'll need to export the content as XML, modify it and import it again. Doing this in a way that doesn't lead to errors in the console or in the SCA application is challenging but possible.
Over the longer term we hope to gradually roll out a set of functionality that will enable the kind of content authoring you're trying to do. This will be a long term project, and there are no concrete targets at this point, but it's something that we appreciate the need for and are actively working on facilitating.
Re: Customizing Security Checklists2012-06-06T18:08:29ZThis is the accepted answer. This is the accepted answer.
- LeoCiociano 27000211HY
In addition I plan on releasing a tool in the next week or so which will allow you to create custom SCM fixlets
just by pasting in your shell script (in the case of Unix) or Relevance, these will be released in the SCM Labs site.
If you need any further assistance please feel free to call me at +US 650-235-0776, I'm in the PDT timezone.
Re: Customizing Security Checklists2012-10-09T20:13:02ZThis is the accepted answer. This is the accepted answer.Leo,
Fairly recently we released a couple of Wizards that facilitate creation of your own custom SCM content and its integration into
pre-existing SCM sites that have been created with the 'Create Custom Checklist' Wizard, they are:
Create Custom Relevance SCM Content, which allows you to express checks in relevance
Create Custom Unix SCM Content, which allows you to express checks in shell script and will produce content that is compatible
with the 'Deploy and Run' task.
If you need any help with these please feel free to contact me.