CA Client Automation - 14.0

PDF
English

Working with the Scanned Results

Contents
cla140
Contents
The following sections describe what you can do with the scan results.
Results Reported by the Scanner
After the compliance verification, the scanner reports the following results for each rule in the XCCDF file:
  • Pass
    The computer has passed the compliance verification for the selected rule.
  • Fail
    The computer has failed the compliance verification for the selected rule.
  • Error
    An error occurs while performing the compliance verification for the selected rule.
  • Not Checked
    The rule does not contain a check that is defined, making it impossible for the scanner to perform a compliance verification for it.
  • Unknown
    The characteristics being evaluated cannot be found or the characteristics can be found but collected object flag is "not collected".
  • Not Applicable
    The rule is not applicable to the operating environment installed on the agent computer.
View Scan Results
You can view the scan results to see whether an Agent computer passed or failed the compliance verification. The results display against each rule in the XCCDF file. The DSM Explorer and the Web Console present the scan results in an easy-to-read format. You can also open the XCCDF and OVAL test result files to view the scan results.
To view the scan results from the result files
Navigate to the following directory to view the XCCDF and OVAL test result files:
  • agent working directory
    \SCAP_Result_Files on the Agent computer
  • If you have configured the collection of test result files, 
    ITCM_installpath
    \SCAP_Result_Files on the Domain Manager 
    The paths that are mentioned are the default locations of the test result files.
To view the scan results from the GUI
  1. Navigate to
    Computers and Users
    ,
    All Computers
    ,
    Computer Name
    ,
    Inventory
    ,
    SCAP
    , and 
    Inventory Component Name
    .
    Inventory Component Name
    is the value that you specified for the Inventory Node Name field in the SCAP Configuration dialog while creating the inventory detection module.
    The scan results for the selected inventory component are displayed in various sub-nodes.
Queries and Reports
You can create queries or reports that are based on the results that DCS produces, as you do with any other inventory data. 
Predefined Report Templates
The DSM Reporter provides the following predefined report templates for DCS scan results:
  • SCAP Scan Summary
    The summary of the scan results for each computer in the Domain Manager is reported.
  • Flat Score
    The flat score results for each computer in the Domain Manager are reported.
  • Rule Results Overview
    The scan result for all the rules in a checklist for a particular computer is reported.
    This report invokes a run-time query that lets you filter the computers for which you want to view the rule results overview.
  • Patch Results Overview
    The scan result for all the patches in a checklist for a particular computer is reported. This report invokes a run-time query that lets you filter the computers for which you want to view the patch results overview.
  • SCAP Input Files Information
    The details of the input files (SCAP data stream) used in a particular computer for DCS scan is reported. This report invokes a run-time query that lets you filter the computers for which you want to view the input files information.
  • SCAP Output Files Information
    The details of the result files that DCS scan produces on a particular computer is reported. This report invokes a run-time query that lets you filter the computers for which you want to view the output files information.
DCS Log Files
DCS logs are added to the following log files on the Agent computer:
  • TRC_UAM_*.log
    This file contains the logs that are related to compression and decompression of the checklist files, creation and verification of the signatures for the checklist files, and the actual checklist processing.
  • TRC_AMAGENT*.log
    This file contains the logs that are related to compression and decompression of the checklist files, creation and verification of the signatures for the checklist files, and the actual checklist processing.
  • TRC_AMRAPI*.log
    This file contains the logs that are related to the transfer of checklist files and result files to and from the Agent.
On the Manager, DCS scanner logs are added to the following file:
  • TRC_AMSCAP_FTPLUGIN*.log
    This file contains the logs that are related to the transfer of XCCDF result files, OVAL result files, and compressed checklist files to and from the DSM Engine.
The log files are available under
ITCM_installpath
\logs directory. Apart from these logs, the scanner also saves the output of running the OVAL interpreter for each OVAL file in an
ovalfilename
-ovaldi-stdout.txt file under the checklist output directory on the Agent computer.