AUDIT_XML_VPM Checks
The AUDIT_XML_VPM policy item checks whether the config XML content for the Visual Policy Manager (VPM) matches the content provided by the policy. This is done with the use of XSL transformations against the found XML.
Usage
<custom_item>
type: AUDIT_XML_VPM
description : ["description"]
xsl_stmt : ["XSLT transformations"]
expect/not_expect : ["lines to match against"]
(optional) regex : ["regular expression to reduce config options"]
</custom_item>
Keywords
Keyword | Description |
---|---|
xsl_stmt |
XSLT transformations are used to process returned data to gather a specific configuration. The xsl_stmt tag can be a single entry, or multiple entries. Single entry example: <custom_item> type : AUDIT_XML_VPM description : "Test AUDIT_XML_VPM - individual xsl_stmt" xsl_stmt : "<xsl:template match=\"vpmapp\"> <xsl:text>Text line</xsl:text><xsl:text> </xsl:text> <xsl:text>Value-of select 1 - </xsl:text><xsl:value-of select=\"conditionObjects/clnt-cipher/@name\"/><xsl:text> </xsl:text> <xsl:text>Value-of select 2 - </xsl:text><xsl:value-of select=\"conditionObjects/clnt-cipher/@v\"/> </xsl:template>" expect : "ECDHE-RSA-AES256-GCM-SHA384" </custom_item> Multiple entry example: <custom_item> type : AUDIT_XML_VPM description : "Test AUDIT_XML_VPM - individual xsl_stmt" xsl_stmt : "<xsl:template match=\"vpmapp\">" xsl_stmt : "<xsl:text>Text line</xsl:text><xsl:text> </xsl:text>" xsl_stmt : "<xsl:text>Value-of select 1 - </xsl:text><xsl:value-of select=\"conditionObjects/clnt-cipher/@name\"/><xsl:text> </xsl:text>" xsl_stmt : "<xsl:text>Value-of select 2 - </xsl:text><xsl:value-of select=\"conditionObjects/clnt-cipher/@v\"/>" xsl_stmt : "</xsl:template>" expect : "ECDHE-RSA-AES256-GCM-SHA384" </custom_item> |
expect and not_expect |
The AUDIT_XML_VPM evaluation is based on expect or not_expect.
Note: Expect and not_expect are mutually exclusive. You may only use one of the two keywords per check. |
regex | (Optional) The regex is used to filter the full configurations, or each of the context configurations, into a smaller set of lines of text based on the regular expression. Multiple regex keywords can be used to narrow down the searchable configuration, and they are applied in the listed order. |