Topic
  • 1 reply
  • Latest Post - ‏2014-01-22T21:27:30Z by Jeff Saxton
lynchmv
lynchmv
5 Posts

Pinned topic How to use Custom Relevance SCM Content Wizard

‏2013-11-14T15:29:37Z |

So, I have a check I want to add to my custom site for configuration management.  I want to check if the following relevance results to true:

 

if (exists file "/etc/audit/auditd.conf") then ( (md5 of file "/etc/audit/auditd.conf") as string = "89b2986346eb8afd7430723dbe70db47" ) else ( false )

 

If the relevance results to false, I then need to take action via a Remediation ActionScript, which I underdstand how to accomplish.

 

My question is, how can I use the "Create Custom Relevance SCM Content" wizard to tie this in to my applicability fixlet?  I'm not interested in the Fixlet Description field, that's just fluff and I can handle the "Remediation ActionScript" section.  I need to know what should the "Compliance Relevance" and the "Analysis Relevance" be for the check.

I've looked for examples online, but turned up nothing that seemed to point me in the right direction.

  • Jeff Saxton
    Jeff Saxton
    21 Posts
    ACCEPTED ANSWER

    Re: How to use Custom Relevance SCM Content Wizard

    ‏2014-01-22T21:27:30Z  

    first off, you need the relevance to return true or the action will never become applicable. The Analysis relevance can be anything you want

    so you probably want something like this:

     

    if ( exists file "/etc/passwd" ) then not (md5 of file "/etc/passwd" = "9bd190008db2daa7a5f9a113b657d24c") else true

     

    and your analysis relevance could be:

     if ( exists file "/etc/passwd" ) then (if (md5 of file "/etc/passwd" = "9bd190008db2daa7a5f9a113b657d24c") then "good doggy" else "bad doggy")  else "no doggie"

     

    or whatever you want.

     

  • Jeff Saxton
    Jeff Saxton
    21 Posts

    Re: How to use Custom Relevance SCM Content Wizard

    ‏2014-01-22T21:27:30Z  

    first off, you need the relevance to return true or the action will never become applicable. The Analysis relevance can be anything you want

    so you probably want something like this:

     

    if ( exists file "/etc/passwd" ) then not (md5 of file "/etc/passwd" = "9bd190008db2daa7a5f9a113b657d24c") else true

     

    and your analysis relevance could be:

     if ( exists file "/etc/passwd" ) then (if (md5 of file "/etc/passwd" = "9bd190008db2daa7a5f9a113b657d24c") then "good doggy" else "bad doggy")  else "no doggie"

     

    or whatever you want.