Latest response

Do you need puppet enabled to run OpenScap scans on Satellite 6.4? Or can it be done via foreman


Hello Gene,

Based on paragraph 6.2 of the documentation of Satellite 6.4, I'd say yes. Check it out.

Alternatively, you could run the scans through perhaps ansible (would not have to be Tower), and have them dump the results to a centralized location. However, that of course would avert the features of SCAP with Satellite. Just another method.



And where in the documentation does it say that exactly? I dont think you can. You can upload the scap files to the satellite via foreman. But you cant run it. There are a few ways to do outside of satellite scope but that's not what I'm interested in. Thank You.

Hello Gene,

I've personally been running SCAP and SCAP like scans outside Satellite.

However, from the link I provided previously, from paragraph 62. through 6.5 it seems it does run and provides results (in the documentation). But that being said, it's vague, but maybe going through the vague process cited in: "6.3.6. Adding a Compliance Policy to Hosts" might yield light. I concur with you, it's not exactly clear how to execute it.