Dennis, your part 1 show notes link points to "Complete Jenkins Pipeline Tutorial | Jenkinsfile | Github Webhook, the original one you did," and not part 1 for CIS, other than that great video. It almost worked out the box for OL8 however I had to go and lint/syntax check some of tasks created in the playbook.
Hi John, I've moved away from Oscap now and instead use ansible-lockdown. It's actually pretty easy to use and you can be up and running in a few minutes. Ansible-lockdown doesn't care if you're RHEL, OEL, Centos, alma or Rocky. It just applies the compliance standards you choose. Check it out here: github.com/ansible-lockdown I'll be doing a short video on it soon.
Is it possible to generate remediation files simply from .CKL files/Host/Host OS Type inputted into OpenScap? For example, what if I already scanned the endpoint, have my checklists and need to quickly build a Ansible PB.
Hi Yasser, yes you can run it locally. I'm just used to running Ansible from an [ansible] control node. That's just how I work but yes you are free to run it locally.
@@yasserkhan2297 I don't have time to guide you as I'm working full time. Depending on what OS you're using, checkout this video and some of my others: ru-vid.com/video/%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE-mOHhYZyooXM.html This ansible Doc contains the information on how to install Ansible on multiple platforms: docs.ansible.com/ansible/latest/installation_guide/intro_installation.html Alternatively, I would recommend this Ansible course. It has lots of demo's and Labs to follow: www.udemy.com/course/diveintoansible/ I know Udemy run lots of promotions so it should it should be cheap.
Hi Arrey, I did this a while ago now but I think there is a part of the this that does need to get some extra info from the internet. (fetch remote resources I think). If you're working in an locked down environment on a corporate network, that could be an issue. I would also lookup ansible-lockdown. This is a very good alternative to CIS - github.com/ansible-lockdown I might do a video on this in the future.
Hi Amit, Checking google, both suse and Ubuntu are supported: SUSE: documentation.suse.com/external-tree/en-us/suma/4.0/suse-manager/reference/audit/audit-openscap-overview.html Ubuntu: ubuntu.com/security/oval I've not scanned either OS using open-scap so have a read. You'll probably need to look both up in more details. Good luck!
Hi, It's not that clear how to do this. Have you looked at: docs.ansible.com/ansible/2.9/modules/ec2_module.html Check instance_profile_name. That might be what you're looking for. Let me know if that resolves it for you.
Checking the OpenScap website, they have this: static.open-scap.org/ssg-guides/ssg-sle15-guide-index.html CIS themselves let you download the PDF for free here: www.cisecurity.org/benchmark/suse_linux I think you have to give them your email for that. Hope that helps.