From STIG Viewer readme:
File->Import STIG STIGs may be imported as a STIG XML File (.xml) file or as a STIG ZIP File (.zip) bundle.
Import->XCCDF Results File - Import and apply an XCCDF Results file to the STIGs that were used to create the checklist. XCCDF Results will be mapped to their corresponding STIG rules. If any XCCDF Results are imported that do not have a matching rule in the Checklist, a window will pop-up and display the offending rule ID's from the Results file. Supported XCCDF Result formats~ 'HBSS ePO/PAA' and 'SPAWAR'.
-Steve
So, the SPAWAR doc that I found via Google indicated that XCCDF 1.2 is supported so, if the STIGViewer software is functioning correctly, it should be able to process all mandatory, and any valid non-mandatory, XCCDF 1.2 results files.
I couldn't easily find a DTD for the HBSS or SPAWAR XCCDF extensions (if there are any).
If the software does *not* work this way, it would appear to be a bug.
Trevor
On Fri, Aug 18, 2017 at 4:26 PM, Haber, Steven L CTR USARMY SEC (US) < steven.l.haber.ctr@mail.mil> wrote:
From STIG Viewer readme:
File->Import STIG STIGs may be imported as a STIG XML File (.xml) file or as a STIG ZIP File (.zip) bundle.
Import->XCCDF Results File
- Import and apply an XCCDF Results file to the STIGs that were used to
create the checklist. XCCDF Results will be mapped to their corresponding STIG rules. If any XCCDF Results are imported that do not have a matching rule in the Checklist, a window will pop-up and display the offending rule ID's from the Results file. Supported XCCDF Result formats~ 'HBSS ePO/PAA' and 'SPAWAR'.
-Steve
scap-security-guide mailing list -- scap-security-guide@lists. fedorahosted.org To unsubscribe send an email to scap-security-guide-leave@ lists.fedorahosted.org
scap-security-guide@lists.fedorahosted.org