
I am working with DISA STIGs and trying to use Ansible to scan a system and then populate the information in the XML STIG checklist. The problem is that the XML schema is not the easiest. It is a very flat design, which means I need to search for something like SRG-OS-000355-VMM-001330 in the example below and then modify the <STATUS> and <FINDING_DETAILS>.

Below is a snippet from which I have removed most of the XML just to keep it short.

How would you go about searching for an <ATTRIBUTE_DATA> and then modifying the <STATUS> and <FINDING_DETAILS> within the same <VULN>?

If it were JSON this would be fairly straightforward, but so far I am not able to even start the search.

<CHECKLIST>
    <STIGS>
        <iSTIG>
            <VULN>
                <STIG_DATA>
                    <VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
                    <ATTRIBUTE_DATA>SV-ESXI-70-000020</ATTRIBUTE_DATA>
                </STIG_DATA>
                                <STATUS>NotAFinding</STATUS>
                                <FINDING_DETAILS> </FINDING_DETAILS>
            </VULN>
            <VULN>
                <STIG_DATA>
                    <VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
                    <ATTRIBUTE_DATA>SRG-OS-000355-VMM-001330</ATTRIBUTE_DATA>
                </STIG_DATA>
                                <STATUS>NotAFinding</STATUS>
                                <FINDING_DETAILS> </FINDING_DETAILS>

My current task is to just search the <VULN> block, thinking that once I can find a specific one I can isolate it and modify the fields in it.


- name: find the vuln
  local_action:
    module: community.general.xml
    path: files/DKFX-VMH-502P_ESX7.0_STIG.ckl
    xpath: /CHECKLIST/STIGS/iSTIG/VULN/STIG_DATA/ATTRIBUTE_DATA
    # 'text' returns the element text (the SRG/Rule id); 'attribute' would
    # only return XML attributes, and ATTRIBUTE_DATA elements carry none
    content: text
  register: get_element_attribute

- name: debug
  debug:
    var: get_element_attribute

1 Answer

Currently this answer focuses on the part of reading the XML data and providing some keys and values only ...

Given a valid XML file

<?xml version = '1.0' encoding = 'UTF-8' standalone = 'yes'?>
<CHECKLIST>
    <STIGS>
        <iSTIG>
            <VULN>
                <STIG_DATA>
                    <VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
                    <ATTRIBUTE_DATA>SV-ESXI-70-000020</ATTRIBUTE_DATA>
                </STIG_DATA>
                                <STATUS>NotAFinding</STATUS>
                                <FINDING_DETAILS> </FINDING_DETAILS>
            </VULN>
            <VULN>
                <STIG_DATA>
                    <VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
                    <ATTRIBUTE_DATA>SRG-OS-000355-VMM-001330</ATTRIBUTE_DATA>
                </STIG_DATA>
                                <STATUS>NotAFinding</STATUS>
                                <FINDING_DETAILS> </FINDING_DETAILS>
            </VULN>
        </iSTIG>
    </STIGS>
</CHECKLIST>

a minimal example playbook

---
- hosts: localhost
  become: false
  gather_facts: false

  vars:

    XML: "{{ lookup('file', 'disa_stig.xml') }}"
    YML: "{{ XML | ansible.utils.from_xml }}"
    DATA: "{{ YML.CHECKLIST.STIGS.iSTIG.VULN |
              items2dict(key_name='FINDING_DETAILS', value_name='STIG_DATA') }}"

  tasks:

  - debug:
      var: XML

  - debug:
      var: YML

  - debug:
      var: DATA

will give access to some of the keys and values.

TASK [debug] ******************************************
ok: [localhost] =>
  YML:
    CHECKLIST:
      STIGS:
        iSTIG:
          VULN:
          - FINDING_DETAILS: null
            STATUS: NotAFinding
            STIG_DATA:
              ATTRIBUTE_DATA: SV-ESXI-70-000020
              VULN_ATTRIBUTE: Rule_ID
          - FINDING_DETAILS: null
            STATUS: NotAFinding
            STIG_DATA:
              ATTRIBUTE_DATA: SRG-OS-000355-VMM-001330
              VULN_ATTRIBUTE: Group_Title

TASK [debug] *****************************************
ok: [localhost] =>
  DATA:
    null:
      ATTRIBUTE_DATA: SRG-OS-000355-VMM-001330
      VULN_ATTRIBUTE: Group_Title

For further information you may have a look into

Similar Q&A and Credit To

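The answer above reads the checklist; the question also asks how to locate one VULN by an ATTRIBUTE_DATA value and then write STATUS and FINDING_DETAILS inside that same VULN. The following is an added example (not code from the question, the answer, or the community.general.xml module) that does exactly that with Python's standard-library ElementTree, using a constructed copy of the checklist snippet as input. It generalizes slightly beyond the snippet: a real .ckl has many STIG_DATA pairs per VULN (Vuln_Num, Rule_ID, Group_Title, ...), so the search walks every pair and can optionally require a particular VULN_ATTRIBUTE name as well. It also refuses STATUS values outside the four the checklist format uses, so a scan task cannot silently write a string the checklist viewer will not recognize. The function and variable names are my own.

```python
"""Locate a VULN in a DISA STIG .ckl checklist by one of its STIG_DATA values
and set STATUS / FINDING_DETAILS on that same VULN (stdlib only)."""
import xml.etree.ElementTree as ET

# Constructed sample input: a trimmed checklist in the shape shown in the question.
SAMPLE_CKL = """<?xml version='1.0' encoding='UTF-8' standalone='yes'?>
<CHECKLIST>
  <STIGS>
    <iSTIG>
      <VULN>
        <STIG_DATA>
          <VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
          <ATTRIBUTE_DATA>SV-ESXI-70-000020</ATTRIBUTE_DATA>
        </STIG_DATA>
        <STATUS>NotAFinding</STATUS>
        <FINDING_DETAILS> </FINDING_DETAILS>
      </VULN>
      <VULN>
        <STIG_DATA>
          <VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
          <ATTRIBUTE_DATA>SRG-OS-000355-VMM-001330</ATTRIBUTE_DATA>
        </STIG_DATA>
        <STATUS>NotAFinding</STATUS>
        <FINDING_DETAILS> </FINDING_DETAILS>
      </VULN>
    </iSTIG>
  </STIGS>
</CHECKLIST>
"""

# The four STATUS values a .ckl checklist uses; anything else is rejected.
VALID_STATUS = {"Open", "NotAFinding", "Not_Applicable", "Not_Reviewed"}

# Path from the CHECKLIST root to each VULN element.
VULN_PATH = "./STIGS/iSTIG/VULN"


def parse_checklist(xml_text):
    """Parse checklist XML (str or bytes) and return the CHECKLIST root element."""
    if isinstance(xml_text, str):
        xml_text = xml_text.encode("utf-8")
    return ET.fromstring(xml_text)


def find_vuln(root, attribute_data, vuln_attribute=None):
    """Return the first VULN that has a STIG_DATA pair whose ATTRIBUTE_DATA equals
    attribute_data. If vuln_attribute is given, the pair's VULN_ATTRIBUTE must
    match too (e.g. only accept the id when it is the Rule_ID). None if absent."""
    for vuln in root.iterfind(VULN_PATH):
        for pair in vuln.iterfind("STIG_DATA"):
            name = (pair.findtext("VULN_ATTRIBUTE") or "").strip()
            data = (pair.findtext("ATTRIBUTE_DATA") or "").strip()
            if data == attribute_data and (vuln_attribute is None or name == vuln_attribute):
                return vuln
    return None


def set_result(root, attribute_data, status, details, vuln_attribute=None):
    """Write STATUS and FINDING_DETAILS on the VULN matching attribute_data.
    Returns True when a VULN was updated, False when nothing matched."""
    if status not in VALID_STATUS:
        raise ValueError(f"unknown checklist status: {status!r}")
    vuln = find_vuln(root, attribute_data, vuln_attribute)
    if vuln is None:
        return False
    for tag, text in (("STATUS", status), ("FINDING_DETAILS", details)):
        child = vuln.find(tag)
        if child is None:  # tolerate a VULN that is missing the element
            child = ET.SubElement(vuln, tag)
        child.text = text
    return True


def read_result(root, attribute_data, vuln_attribute=None):
    """Return (STATUS, FINDING_DETAILS) of the matching VULN, or None."""
    vuln = find_vuln(root, attribute_data, vuln_attribute)
    if vuln is None:
        return None
    return vuln.findtext("STATUS"), vuln.findtext("FINDING_DETAILS")


def update_checklist(xml_text, attribute_data, status, details):
    """Parse a checklist, apply one scan result, and return (new_xml, matched)."""
    root = parse_checklist(xml_text)
    matched = set_result(root, attribute_data, status, details)
    return ET.tostring(root, encoding="unicode"), matched


if __name__ == "__main__":
    new_xml, matched = update_checklist(
        SAMPLE_CKL, "SRG-OS-000355-VMM-001330", "Open",
        "constructed evidence: scan task reported the control unmet")
    print("matched:", matched)
    print(new_xml)
```

For a checklist on disk, replace the string round-trip with `ET.parse(path)` and `tree.write(path, encoding="UTF-8", xml_declaration=True)` so the declaration the viewer expects is kept. The equivalent selection inside the community.general.xml module, which uses lxml and therefore accepts a full XPath predicate, would be an xpath such as `/CHECKLIST/STIGS/iSTIG/VULN[STIG_DATA/ATTRIBUTE_DATA='SRG-OS-000355-VMM-001330']/STATUS` with `value: Open` (my understanding of that module, not something the page states); the stdlib ElementTree XPath subset does not support a path inside the predicate, which is why the example walks the STIG_DATA pairs itself.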