The compliance list command is available to all users. With the verbose –v and profile –p options, this command lists the benchmarks and their short descriptions; the profiles for each benchmark; assessments and whether reports exist for them; and reports.
Example 1 Listing All Benchmarks, Profiles, Assessments, and ReportsIn this example, the administrator has specified pci and recommended on the command line as assessment names. The other assessment names were generated by the compliance assess command without specified assessment names.
$ compliance list -vp Benchmarks: pci-dss: Solaris_PCI-DSS PCI-DSS Security/Compliance benchmark for Oracle Solaris solaris: Baseline, Recommended Oracle Solaris Security Policy Assessments: pci: log report.html results.xccdf.xml recommended: log report.html report.xml results.xccdf.xml results.xml pci-dss.Solaris_PCI-DSS.2015-10-10,10:12: log report.html results.xccdf.xml solaris.Baseline.2015-10-10,15:10: log report.html results.xccdf.xml solaris.Baseline.2015-10-10,15:20: No reports have been generatedExample 2 Locating Files in the Compliance Repository
The reports of assessments are stored in the /var/share/compliance/assessments directory, also known as the repository. In this example, an administrator with the Compliance Reporter rights profile views the names and locations of the reports in the recommended directory.
$ pfexec compliance report -a recommended /var/share/compliance/assessments/recommended/report.html
$ compliance report -f log -a recommended /var/share/compliance/assessments/recommended/log
$ compliance report -f xccdf -a recommended /var/share/compliance/assessments/recommended/results.xccdf.xml