Install the packages on the satellite server

yum install ruby193-rubygem-foreman_openscap  puppet-foreman_scap_client rubygem-smart_proxy_openscap
 

Restart httpd and foreman-proxy

systemctl restart httpd
systemctl restart foreman-proxy
 

The web interface should now have:

{ Hosts } -> Policies
          -> SCAP Content
          -> Reports
 

Assign SCAP Contents to Organization and Location
 
First set the context to Any Context:
Top left menu: set Organization to "Any Organization" and Location to "Any Location"

{ Hosts } -> SCAP Content

edit each
---------
 under Locations tab  select MyLocation
 under Organizations tab  select MyOrg

 [Submit]

Set the context again to MyOrg@MyLocation
 


Setting up puppet to deploy the client
 
{ Configure } -> Puppet Classes
 
click on [ Import from myserver.domain.com ]

Select to add foreman_scap_client to the desired puppet environments
click [update]

### set smart variables ###
{ Configure } -> smart variables

click on port on the line with "port	foreman_scap_client"

  Set the Default value to: 9090
  
click on server on the line with "server    foreman_scap_client"  
  Set the Default value to: myserver.domain.com
 

Create a new SCAP Content
Only needed if we are using a custom one. The defaults supplied by Red Hat should already be here.

{ hosts } -> SCAP Content


Create a new policy

{ Hosts } -> Policies  
 
# did not assign a host group yet
# warning: this adds a cronjob to run the policy checks

Assign a policy to a host
 
{ Hosts } -> All Hosts
since we didn't assign the class to a group, assign it to the host
edit the host; in Puppet class tab add foreman_scap_client

return to { Hosts } -> All Hosts screen and 

[*] the host and use the select action [ Assign Compliance Policy ]
 

Run OpenSCAP audit, by default this should all be done automatically on next puppet run 
??? puppet run for install of client only no? 

but to do it now manually:

Connect to the client and execute puppet agent as root:  puppet agent -t 

look at the crontab: crontab -l 
# crontab -l
0 1 1 * * /usr/bin/foreman_scap_client 1

run the command to get an immediate scan: /usr/bin/foreman_scap_client 1

View the report
 
{ Hosts } -> Reports
# takes a while, there's a cronjob on the satellite server to collect the reports
#  cat /etc/cron.d/rubygem-smart_proxy_openscap
# Send all collected OpenSCAP reports once every 30 minutes
*/30 * * * * foreman-proxy smart-proxy-openscap-send >>/var/log/foreman-proxy/cron.log 2>&1
 

reports are stored here before appearing in the web interface
ls -l /var/spool/foreman-proxy/openscap/arf/

logs
/var/log/foreman-proxy
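
When a report does not show up under { Hosts } -> Reports, the checks above (client cron entry, proxy spool directory, proxy upload cronjob) can be scripted to see which stage is holding it back. This is an added example, not part of the original notes: the function names are made up here, it assumes the argument to foreman_scap_client in the cron line is the policy ID, and it is meant to run on the satellite server with the client's crontab -l output passed in as text.

```bash
#!/bin/bash
# Added example (not from the original notes): find the stage where a
# compliance report is held up. Paths and cron line format are the ones
# shown on this page; function names are hypothetical.

# Print the policy IDs scheduled in a `crontab -l` listing read from stdin.
scap_policy_ids() {
    awk '$1 !~ /^#/ && $6 == "/usr/bin/foreman_scap_client" && $7 ~ /^[0-9]+$/ { print $7 }'
}

# Print how many report files are still waiting in the proxy spool ($1).
pending_reports() {
    if [ -d "$1" ]; then
        find "$1" -type f | wc -l | tr -d '[:space:]'
    else
        echo 0
    fi
}

# Succeed if cron file $1 has an active smart-proxy-openscap-send entry.
upload_job_present() {
    [ -r "$1" ] && grep -Eq '^[^#]*smart-proxy-openscap-send' "$1"
}

# Summarise the pipeline: $1 = crontab text, $2 = spool dir, $3 = cron file.
scap_pipeline_status() {
    ids=$(printf '%s\n' "$1" | scap_policy_ids | paste -sd, -)
    if [ -z "$ids" ]; then
        echo "client: no foreman_scap_client cron entry (puppet agent -t not applied?)"
    elif ! upload_job_present "$3"; then
        echo "proxy: upload cronjob missing, reports for policies $ids will not be sent"
    elif [ "$(pending_reports "$2")" -gt 0 ]; then
        echo "proxy: $(pending_reports "$2") report(s) spooled, waiting for next upload run"
    else
        echo "ok: policies $ids scheduled, spool empty"
    fi
}

# Constructed sample crontab text, checked against the page's default paths.
sample_crontab='# crontab -l
0 1 1 * * /usr/bin/foreman_scap_client 1'
scap_pipeline_status "$sample_crontab" \
    /var/spool/foreman-proxy/openscap/arf \
    /etc/cron.d/rubygem-smart_proxy_openscap
```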