1. Oracle Solaris 11.4 Compliance Guide
  2. Reporting Compliance to Security Standards
  3. Compliance Reports and Guides
  4. Assessment Report Formats

Assessment Report Formats

After you have run an assessment, the assessment directory contains a log file, a report, and a guide of your system's compliance to that specific assessment. The assessment directory files contain the following information:

  • log – In text form, contains the results for every test that was performed for the assessment and its rule ID. The following example shows a sample entry: 

    Title   The OS version is current
Rule    OSC-53005
Result  pass

  • report.html – In browser-ready form, contains the results for every test that was performed for the assessment and its rule ID, time the test was run, compliance severity (high, medium, or low), description, and remediation assistance. The following example shows a sample entry: 

        Result for Package integrity is verified
    Result: fail
    Rule ID: OSC-54005
    Time: 2016-09-07
      07:07
    Severity: high
      Run 'pkg verify' to check that all installed Oracle Solaris software matches
      the packaging database and that ownership, permissions and content are correct.

     Remediation instructions
      'pkg verify' has produced errors. Rerun the command and evaluate the errors. 
       As appropriate, based on errors found,you should run 'pkg fix <package-fmri>'
       See the pkg(1) man page.

    Remediation script                      
    # pkg verify
    followed by
    # pkg fix <package-fmri>

The following packages showed errors
    pkg:/library/perl-5@0.nn-11.4.n.n.n.n.n          ERROR

  • results.xccdf.xml – Contains the results of every test in the benchmark. In addition to the information that is covered in report.html, the guide contains introductions to the areas that are assessed and references to Oracle Solaris system administration guides.