1. Oracle Solaris 11.4 Compliance Guide
  2. Centrally Managing Compliance Assessments
  3. About Remote Assessment Features

About Remote Assessment Features

The following parameters can be set for local and remote assessments.

  • Default policy – The policy that is assessed when no benchmark, profile, or tailoring is passed to the compliance assess command. For examples of listing and setting policy, see How to Schedule a Regular Assessment of a System Using Its Default Policy.

  • Metadata – Identifiers that are available or that you add to an assessment.

    Metadata or matches are system-defined and user-defined keys and values for tagging assessments. You can use the system keys to select assessments, and you can create your own keys and values with which to tag and select assessments. The selection mechanism supports general boolean expressions on the keys and supports selections based on time ranges. For examples, see Tagging Assessments With Metadata and Using Metadata to Manage Assessments.

  • Assessment name – The following list illustrates the naming conventions.

     basic.2016-12-29,11:11
        basic
            UUID: d0deea3e-3e56-11e6-978b-9f0b610d6a70
            UUID: c9d9c748-3e58-11e6-978d-9f0b610d6a70
        default.2016-12-29,11:15
        roster1.2016-12-29,11:10

    • The first name is from running a tailoring named basic.

    • The UUID names are from the basic tailoring when the name of two assessments would be identical. Typically, names are identical when the time stamps are identical.

    • The third name is from running an assessment when no argument is passed to the compliance assess command.

    • The final name is from running a roster named roster1.

    The default naming convention is usually sufficient. See Listing All Benchmarks, Profiles, Assessments, and Reports.

  • Where the assessment is stored – The storage can be local or remote. The default is local storage, but with the -s RAD-URI option, specifies the RAD-URI storage location. For examples, see Using a Common Store for Compliance Assessments.

  • Where policy is listed or set, features are listed or set, or assessment is run – The operation can be local or remote. The default is a local operation, but with the -N RAD-URI option, the specified RAD-URI can be a remote node. For examples of listing and setting features remotely, see How to Schedule a Regular Assessment of a System Using Its Default Policy.

Assessments can also be run asynchronously from a roster. A roster is a list of remote systems and their assessment parameters that you create to pass to the compliance assess command. For examples, see Running Multiple Remote Assessments and the compliance-roster(8) man page.