I recently built ovaldi 5.9.1-src on Ubuntu 10.04; however, I am now trying to launch it and receive the following error message:
"*** Log initialization error: Error initializing log system. Unable to clear log file."
Startup log is below:
user@user:/usr/local/bin$ ./ovaldi -a /usr/local/share/ovaldi/xml/unix-definitions-schema.xsd -m -o /usr/local/share/ovaldi/
OVAL Definition Interpreter
Version: 5.9 Build: 1
Build date: Feb 15 2012 15:50:50
Copyright (C) 2002-2011 - The MITRE Corporation
Start Time: Thu Feb 16 12:45:32 2012
*** Log initialization error: Error initializing log system. Unable to clear log file.
Command Line: ovaldi MD5Hash
Options:
-h = show options available from command line.
Definition Evaluation Options:
-o <string> = path to the oval-definitions xml file. DEFAULT="definitions.xml"
-v <string> = path to external variable values file. DEFAULT="external-variables.xml"
-e <string> = evaluate the specified list of definitions. Supply definition ids as a comma separated list like: oval:com.example:def:123
-f <string> = path to a file containing a list of definitions to be evaluated. The file must comply with the evaluation-id schema.
Input Validation Options:
-m = do not verify the oval-definitions file with an MD5 hash.
-n = perform Schematron validation of the oval-definitions file.
-c <string> = path to xsl for oval-definitions Schematron validation. DEFAULT="/usr/share/ovaldi/oval-definitions-schematron.xsl"
Data Collection Options:
-a <string> = path to the directory that contains the OVAL schema. DEFAULT="/usr/share/ovaldi"
-i <string> = path to input System Characteristics file. Evaluation will be based on the contents of the file.
Result Output Options:
-d <string> = save data to the specified XML file. DEFAULT="system-characteristics.xml"
-g <string> = path to the oval directives configuration file. DEFAULT="directives.xml"
-r <string> = save results to the specified XML file. DEFAULT="results.xml"
-s = do not apply a stylesheet to the results xml.
-t <string> = apply the specified xsl to the results xml. DEFAULT="/usr/share/ovaldi/results_to_html.xsl"
-x <string> = output xsl transform results to the specified file. DEFAULT="results.html"
Other Options:
-l <integer> = Log messages at the specified level. (DEBUG = 1, INFO = 2, MESSAGE = 3, FATAL = 4)
-p = print all information and error messages.
-y <string> = save the ovaldi.log file to a specific location.
-z = return md5 of current oval-definitions file.
The ovaldi program and xml definitions are not in the default folders as specified above due to the build (had to source the information from multiple sources plus I want to integrate it with OpenVAS):
I have run the ovaldi startup as follows, which gives the problem error message:
user@user:/usr/local/bin$ ./ovaldi -a /usr/local/share/ovaldi/xml/unix-definitions-schema.xsd -m -o /usr/local/share/ovaldi/
&
user@user:~$ /usr/local/bin/ovaldi -m -a /usr/local/share/ovaldi/ -o unix.xml
but the commands below give no error message:
user@user:~$ /usr/local/bin/ovaldi -m -a -o /usr/local/share/ovaldi/unix.xml
&
user@user:~$ /usr/local/bin/ovaldi -m -a -o /usr/local/share/ovaldi/unix.xml -r /usr/local/share/ovaldi/
The issue to be corrected is to properly launch ovaldi and parse the xml definitions as in response 6 of a similar thread here:
http://sourceforge.net/projects/ovaldi/forums/forum/776940/topic/4641354
ovaldi program is located in /usr/local/bin
ovaldi xml and definitions in /usr/local/share/ovaldi
Any ideas?
Hi shayno90,
I noticed some of the input flags were being specified wrong. The "-a" flag specifies the xml directory, not a specific schema file. From your output, I would write that part as "-a /usr/local/share/ovaldi/xml". Secondly, the -o flag specifies the OVAL definitions file. For you this would be listed explicitly as "-o /usr/local/share/ovaldi/unix.xml" assuming that unix.xml file contained your definitions. Thirdly, your -r flag specified a directory and not an output file. If you had wished for this to be output into that same working directory, specify it as "-r /usr/local/share/ovaldi/results.xml". Combined with your intent to skip the validation with the -m flag, the final command to run the tool would be:
/usr/local/bin/ovaldi -m -a /usr/local/share/ovaldi/xml -o /usr/local/share/ovaldi/unix.xml -r /usr/local/share/ovaldi/results.xml
cd'ing into that directory first and calling it more locally would also be fine. If this does not work, please make sure you are running as root to give ovaldi the appropriate permissions (sudo command).
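The three corrections in this reply, written as a pre-flight check (an added example, not part of the original thread and not ovaldi's own code). The function name `ovaldi_preflight` and the assumption that ovaldi.log is created in the directory ovaldi is started from are ours; the flag meanings are taken from the help text quoted above.

```shell
#!/bin/sh
# Added example: check the -a, -o and -r arguments before calling ovaldi.
# Assumption: ovaldi.log is created in the start directory (4th argument).
ovaldi_preflight() {
    schema_dir=$1
    defs_file=$2
    results_file=$3
    log_dir=${4:-.}
    rc=0

    # -a takes the directory holding the OVAL schema, not a single .xsd file.
    if [ ! -d "$schema_dir" ]; then
        echo "-a: '$schema_dir' is not a directory" >&2
        rc=1
    fi

    # -o takes the definitions file itself, so a bare directory is rejected.
    if [ ! -f "$defs_file" ] || [ ! -r "$defs_file" ]; then
        echo "-o: '$defs_file' is not a readable file" >&2
        rc=1
    fi

    # -r takes an output file; its parent directory must be writable.
    results_parent=$(dirname -- "$results_file")
    if [ -d "$results_file" ]; then
        echo "-r: '$results_file' is a directory, expected a file path" >&2
        rc=1
    elif [ ! -d "$results_parent" ] || [ ! -w "$results_parent" ]; then
        echo "-r: cannot write into '$results_parent'" >&2
        rc=1
    fi

    # The thread's log error is suspected to be a permissions problem, so
    # check an existing ovaldi.log, or else the directory it would go in.
    if [ -e "$log_dir/ovaldi.log" ]; then
        if [ ! -w "$log_dir/ovaldi.log" ]; then
            echo "log: '$log_dir/ovaldi.log' is not writable" >&2
            rc=1
        fi
    elif [ ! -w "$log_dir" ]; then
        echo "log: cannot create ovaldi.log in '$log_dir'" >&2
        rc=1
    fi

    return "$rc"
}

# Usage with the paths from the thread:
#   ovaldi_preflight /usr/local/share/ovaldi/xml \
#       /usr/local/share/ovaldi/unix.xml \
#       /usr/local/share/ovaldi/results.xml "$PWD"
```

A non-zero return identifies which argument is wrong without having to start ovaldi as root first.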
That worked Rothenburg, thanks for the advice. I wasn't too sure that all file paths had to be specified for each of the flags and it needed to be run as root.
Result was as follows:
root@user:/home/user# /usr/local/bin/ovaldi -m -a /usr/local/share/ovaldi/xml -o /usr/local/share/ovaldi/unix.xml -r /usr/local/share/ovaldi/results.xml
OVAL Definition Interpreter
Version: 5.9 Build: 1
Build date: Feb 15 2012 15:50:50
Copyright (C) 2002-2011 - The MITRE Corporation
Start Time: Fri Feb 17 10:08:14 2012
** parsing /usr/local/share/ovaldi/unix.xml file.
- validating xml schema.
** checking schema version
- Schema version - 5.9
** skipping Schematron validation
** creating a new OVAL System Characteristics file.
** gathering data for the OVAL definitions.
Collecting object: FINISHED
** saving data model to system-characteristics.xml.
** running the OVAL Definition analysis.
………………………………..
oval:org.mitre.oval:def:10120 unknown
oval:org.mitre.oval:def:10119 unknown
oval:org.mitre.oval:def:10118 unknown
oval:org.mitre.oval:def:10117 unknown
oval:org.mitre.oval:def:10116 unknown
…………………………………………………………….
oval:org.mitre.oval:def:11526 not applicable
oval:org.mitre.oval:def:11514 not applicable
oval:org.mitre.oval:def:11513 not applicable
oval:org.mitre.oval:def:11427 not applicable
oval:org.mitre.oval:def:11412 not applicable
oval:org.mitre.oval:def:10919 not applicable
-------------------------------------
** finished evaluating OVAL definitions.
** saving OVAL results to /usr/local/share/ovaldi/results.xml.
** running OVAL Results xsl: /usr/local/share/ovaldi/xml/results_to_html.xsl.
I have a few queries now, if you can answer:
1. What is the appropriate directory structure for the ovaldi installation on Linux systems i.e. Ubuntu?
2. What is the best way to view the results.xml in a report form such as .pdf etc.?
3. Also how do you run the "m" flag to check the MD5sum check at the start?
4. Is it best to only run the unix.xml file on only Unix machines or can oval.xml be run since it contains all the Ovaldi OS xml files?
Thanks in advance!
Glad to hear OVALdi is running. Hopefully this answers all your questions.
1) I believe the default directories depend on the package manager used to install OVALdi. I would check what files are being created at that time to make sure. In addition to one of your comments above, the full file path to each flag is not required, relative paths work as well. I just tried to give you something that would work regardless of your working directory.
2) Right now there is only the bundled results_to_html.xsl file which will run if not turned off. You may notice in your output directory that there is also a results.html file. This view gives a more user friendly method to examine results documents.
3) The -m flag is only a disable flag. To have OVALdi perform the MD5 check, remove the flag.
4) I am unsure of what you may be trying to check so I can only say that the oval.xml file will run on any OS, granted that there will be a lot of "not applicable" results.
1) Normally most Linux packages would install in /usr/bin and /usr/lib, hence why I ask; as this is a special setup, I had to do this in /usr/local/bin and /usr/local/lib due to the dependencies.
2) I did not view the results.html until now, and it looks more user friendly than viewing the normal xml file output.
3) If I remove the -m flag, I assume it will search for the MD5 checksum but I am not sure where it will search for this (against the one on the OVAL website) as I cannot find it in my ovaldi directory.
4) I understand you will have to use oval.xml to scan all of the listed OS on the OVAL website as the specific OS xml files will only work properly against their specific target OS.
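For the long runs of "unknown" and "not applicable" lines in the console output posted above, a small tally helps (an added example, not part of the original thread). The function names are ours; the sample is built from the result lines shown in this thread, and the comma separated id list is the form the help text gives for `-e`.

```shell
#!/bin/sh
# Constructed sample: result lines copied from the run posted in this thread,
# banner lines omitted.
sample_console_output() {
    cat <<'EOF'
** running the OVAL Definition analysis.
oval:org.mitre.oval:def:10120 unknown
oval:org.mitre.oval:def:10119 unknown
oval:org.mitre.oval:def:10118 unknown
oval:org.mitre.oval:def:10117 unknown
oval:org.mitre.oval:def:10116 unknown
oval:org.mitre.oval:def:11526 not applicable
oval:org.mitre.oval:def:11514 not applicable
oval:org.mitre.oval:def:11513 not applicable
oval:org.mitre.oval:def:11427 not applicable
oval:org.mitre.oval:def:11412 not applicable
oval:org.mitre.oval:def:10919 not applicable
-------------------------------------
** finished evaluating OVAL definitions.
EOF
}

# Count definitions per result value; reads files or standard input.
oval_tally() {
    awk '
        /^[ \t]*oval:[^ \t]+:def:[0-9]+[ \t]/ {
            $1 = ""                  # drop the id, keep the result text
            sub(/^[ \t]+/, "")
            count[$0]++
        }
        END { for (s in count) printf "%s %d\n", s, count[s] }
    ' "$@" | sort
}

# Print the ids that have the given result as one comma separated list,
# ready to pass to -e for a targeted re-run.
oval_ids_with_status() {
    want=$1
    shift
    awk -v want="$want" '
        /^[ \t]*oval:[^ \t]+:def:[0-9]+[ \t]/ {
            id = $1
            $1 = ""
            sub(/^[ \t]+/, "")
            if ($0 == want) {
                sep = (ids == "") ? "" : ","
                ids = ids sep id
            }
        }
        END { if (ids != "") print ids }
    ' "$@"
}
```

Pipe the saved console output through `oval_tally` for the counts, or through `oval_ids_with_status unknown` to get the list of definitions worth re-evaluating on their own.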
I am getting the same error on the Windows platform.
Can you please tell me how to solve this?
C:\Program Files\OVAL\ovaldi-5.10.1.7>ovaldi.exe -m -o definitions.xml
OVAL Definition Interpreter
Version: 5.10.1 Build: 7
Build date: Apr 10 2014 06:35:51
Copyright (c) 2002-2014 - The MITRE Corporation
Start Time: Sat May 02 17:31:27 2015
*** Log initialization error: Error initializing log system. Unable to clear log file.
Command Line: ovaldi [options] MD5Hash
Options:
-h = show options available from command line.
Definition Evaluation Options:
-o <string> = path to the oval-definitions xml file. DEFAULT="definitions.xml"
-v <string> = path to external variable values file. DEFAULT="external-variables.xml"
-e <string> = evaluate the specified list of definitions. Supply definition ids as a comma separated list like: oval:com.example:def:123
-f <string> = path to a file containing a list of definitions to be evaluated. The file must comply with the evaluation-id schema.
Input Validation Options:
-m = do not verify the oval-definitions file with an MD5 hash.
-c <string> = perform Schematron validation on the input OVAL Definitions. Path to an xsl may optionally be specified. DEFAULT="xml\oval-definitions-schematron.xsl"
Data Collection Options:
-a <string> = path to the directory that contains the OVAL schema. DEFAULT="xml"
-i <string> = path to input System Characteristics file. Evaluation will be based on the contents of the file.
Result Output Options:
-d <string> = save data to the specified XML file. DEFAULT="system-characteristics.xml"
-g <string> = path to the oval directives configuration file. DEFAULT="directives.xml"
-r <string> = save results to the specified XML file. DEFAULT="results.xml"
-s = do not apply a stylesheet to the results xml.
-t <string> = apply the specified xsl to the results xml. DEFAULT="xml\results_to_html.xsl"
-x <string> = output xsl transform results to the specified file. DEFAULT="results.html"
-j <string> = perform schema/schematron validation on the output OVAL System Characteristics. Path to an xsl may optionally be specified. DEFAULT="xml\oval-system-characteristics-schematron.xsl"
-k <string> = perform schema/schematron validation on the output OVAL Results. Path to an xsl may optionally be specified. DEFAULT="xml\oval-results-schematron.xsl"
Other Options:
-l <integer> = Log messages at the specified level. (DEBUG = 1, INFO = 2, MESSAGE = 3, FATAL = 4)
-p = print all information and error messages.
-y <string> = save the ovaldi.log file to a specific location.
-z = return md5 of current oval-definitions file.
I suspect a permissions issue on the log file. Have you tried running your terminal (and therefore ovaldi) with admin privileges?
Thanks, running the terminal with admin privileges worked for me.