HP ProCurve Keywords

Keyword

Example

type

CONFIG_CHECK

CONFIG_CHECK_NOT

RANDOMNESS_CHECK

description

This keyword gives a brief description of the check that is being performed. It is required that description field be unique and no two checks should have the same description field. Tenable uses this field to auto generate a plugin ID number based on the description field.

Example:

description: " Verify login authentication"

info

This keyword allows users to add a more detailed description to the check that is being performed. Multiple info fields are allowed with no preset limit. The info content must be enclosed in double-quotes.

Example:

info: "Verifies login authentication configuration."

see_also

This keyword allows users to include links that might provide helpful information about a check.

reference

This keyword allows including cross references for audit checks.

Example:

reference: "PCI|2.2.3,SANS-CSC|1"

solution

The keyword provides text to include solution text to fix a compliance failure.

Example:

solution: "Modify the configuration to add missing line"

severity

This keyword allows users to set the severity of the check. The severity can be set to HIGH, MEDIUM, or LOW.

Example:

severity: MEDIUM

regex

This keyword allows enumerating items that match a particular regex expression. If a check has “regex” keyword set, but no “expect” or “not_expect” keyword is set, then the check simply reports all items matching the regex.

Example:

regex: "power-state.+"

item

This keyword allows searching within the lines found by regex. If no regex was provided, all lines will be checked.

Example:

regex: "power"

context

This keyword allows searching through a specific context. A context is defined by a left justified line followed by any lines that are prefixed by white space.

Example:

context: "line .*"

The following is a sample config item, that could be audited by leveraging context:

vlan 1

name "DEFAULT_VLAN"

untagged 2-24

ip address dhcp-bootp

no untagged 1

exit

<item>

type: CONFIG_CHECK

description: "HP ProCurve - 'dhcp-bootp'"

context: "vlan 1"

item: "ip address dhcp-bootp"

</item>

The check above will ensure “ip address dhcp-bootp” is set for context “vlan 1”.

min_occurrences

This keyword allows setting a minimum number of occurrences of the check.

Example:

min_occurrences: 3

max_occurrences

Like min_occurrences, but a maximum value instead of a minimum.

required

This keyword allows specifying if a check match is required or not. The value of the required field can be YES, NO, ENABLED, or DISABLED.

Example:

required: YES