After creating a compliance policy, you can run a compliance assessment.
When running a compliance assessment, your system is scanned for compliance against the built-in Compliance Content library and (if applicable) the Compliance Custom Content library. These libraries contain checks and benchmarks and are updated regularly as security standards change. For more information on the custom content library, see Creating and testing custom content components.
After running your assessment, you can view your results and remediate any nodes that are out of compliance.
After running an assessment, the assessment results are identified and shown on the policy home page as:
- Compliant - setting is in its intended state compared to the standard or benchmark.
- Not compliant - setting is not in its intended state compared to the standard or benchmark. Further investigation and possible remediation are recommended.
- Not applicable - The setting is not applicable to this system. For example, if running a CentOS check on AIX.
- Unknown - Assessment or remediation has not been run.
- Error - SaltStack SecOps Compliance encountered an error while running the assessment or remediation.
Before you can run an assessment you must create a compliance policy. For more information, see Create a compliance policy.
- On the SaltStack SecOps Compliance home page, select a policy.
- On the policy home page, click Run assessment and then Run assessment again on the confirmation window.
The Activity window opens. Completed assessments are listed in the Activity window along with their status, Job ID (JID), and other information.
- After the assessment is finished, to view your assessment results, select the policy from the SaltStack SecOps Compliance home page.
The policy home page shows results from the most recent assessment, organized by check. You can filter the list, or select column headings to sort your results. To view assessment results by minion, select Minion.
The assessment is complete and you can review your results. To download the assessment report, select the policy and click.
What to do next
After reviewing your assessment results, you can Remediate your assessment results.