hi, i’m using openSCAP installed on kali linux which is in turn installed on virtual box …
I installed the sw from cli … I use this command to start a scan of my system:
“oscap xccdf eval --profile xccdf_org.ssgproject.content_profile_ospp --results-arf results.xml --report report.html /usr/share/xml/scap/ssg/content/ssg-rhel8-ds.xml”
however, the result of all the scanning functions is always this:
The RHEL part of the security guide does very specific checks (like against /etc/os-release) to ensure the scan is actually applicable and can be done accurately.
You would need to build a patched version of the security guide as we do with our own packages. See our patch and the spec file. When you build the custom content, you would then use ssg-rl8-ds.xml or whatever is produced.
I responded to your other thread about this with a link to our article on running SCAP scans for rocky locally. Its possible to run remote scans as well, if thats what you are asking, from any system running the SCAP workbench. You would just need to copy the existing scap content from a rocky 8/9 system to your SCAP workbench host.