OVAL is compatible with the Common Vulnerabilities and Exposures (CVE) list. CVE content is determined by the CVE Editorial Board, which is composed of experts from the international information security community. New information about security vulnerabilities discussed on the Community Forum is sent to the CVE Initiative for possible addition to the list. For more information about CVE, MITRE Corporation, or the OVAL Board, go to http://cve.mitre.org.
Other possible status values include:
For more information about the stages of OVAL definitions, go to http://cve.mitre.org.
When OVAL tests are enabled, all available OVAL tests run on the target devices.
You can view OVAL tests and definitions in the Administrator Console.
1. |
a. |
Log in to the appliance Administrator Console, https://appliance_hostname/admin. Or, if the Show organization menu in admin header option is enabled in the appliance General Settings, select an organization in the drop-down list in the top-right corner of the page next to the login information. |
b. |
c. |
2. |
Optional: Limit which tests are displayed by using the View By drop-down list or Search field to find OVAL tests by OVAL-ID, CVE Number, operating system, or text. |
3. |
The common definition of the vulnerability as found on the CVE list. | |
The table at the bottom of the OVAL Tests: Definition page displays the list of devices in your network that contain the vulnerability. For convenience, a printer-friendly version of this data is available.
The appliance runs OVAL tests automatically based on the schedule specified in OVAL Settings.
In addition, you can run OVAL tests manually by logging in to the device as Administrator and running debug.bat. This file is usually located in the program data directory. For example: C:\ProgramData\Quest\KACE\kbots_cache\packages\kbots\9
If you are running OVAL tests periodically or if you want to obtain the OVAL test results for only a few devices, you can assign a label to those devices. You can then use the Run Now function to run OVAL tests on those devices only.
For more information about using labels, see About labels.
1. |
a. |
Log in to the appliance Administrator Console, https://appliance_hostname/admin. Or, if the Show organization menu in admin header option is enabled in the appliance General Settings, select an organization in the drop-down list in the top-right corner of the page next to the login information. |
b. |
c. |
2. |
Run on the target devices. Only enabled configurations can run. | |
3. |
Limit deployment to devices that belong to specified labels. To select labels, click Edit, drag labels to the Limit Deployment to window, then click Save. | |||||
Limit deployment to specific devices. In the drop-down list, select the devices to which you want to deploy the application. To filter the list, type a few characters in the Devices field. The number next to the field indicates the number of devices available. Scoped users can see only those devices that are associated with their role, when the role is assigned a label. For more information about user roles, see Add or edit User Roles. | |||||
Select the operating systems you want to deploy to.
|
4. |
Run in combination with an event rather than on a specific date or at a specific time. | |||||||||||
Every n minutes/hours |
|||||||||||
Run daily at a specified time, or run on a designated day of the week at a specified time. | |||||||||||
Run on the nth of every month/specific month at HH:MM |
Run on the same day every month, or a specific month, at the specified time. | ||||||||||
Run on the nth weekday of every month/specific month at HH:MM |
Run on the specific weekday of every month, or a specific month, at the specified time. | ||||||||||
Run according to a custom schedule. Use standard 5-field cron format (extended cron format is not supported): Use the following when specifying values:
| |||||||||||
Click to view the task schedule. The Task Schedule dialog box displays a list of scheduled. Click a task to review the task details. For more information, see View task schedules. |
5. |
6. |
The OVAL Report page shows the OVAL tests that have been run since the last time the OVAL definitions were updated.
OVAL results are deleted from this page when OVAL definitions are updated. To save the results, schedule an OVAL device report to run periodically. See Add report schedules.
1. |
a. |
Log in to the appliance Administrator Console, https://appliance_hostname/admin. Or, if the Show organization menu in admin header option is enabled in the appliance General Settings, select an organization in the drop-down list in the top-right corner of the page next to the login information. |
b. |
c. |
From the Test detail view, you can view all the devices that failed the OVAL test, and you can assign a label to those devices so that you can patch them later.
1. |
a. |
b. |
3. |
The OVAL Device Compliance page shows a list of devices with OVAL test results. Here, you can view a summary of tests that were run on specific devices.
The label under the Device column in the OVAL Computer Report page is the inventory ID assigned by the appliance Inventory component.
1. |
a. |
Log in to the appliance Administrator Console, https://appliance_hostname/admin. Or, if the Show organization menu in admin header option is enabled in the appliance General Settings, select an organization in the drop-down list in the top-right corner of the page next to the login information. |
b. |
c. |
© ALL RIGHTS RESERVED. Conditions d’utilisation Confidentialité Cookie Preference Center