Major edits of draft content into doc content (ch.6)

SUSE · Feb 26, 2025 · eb1c7b0 · eb1c7b0
1 parent fc34156
commit eb1c7b0
Showing 1 changed file with 78 additions and 26 deletions.
diff --git a/xml/art-compliance-scans.xml b/xml/art-compliance-scans.xml
@@ -323,7 +323,7 @@ SLES Expanded Support platform</screen>
   <section xml:id="compliance-scans-list-profiles">
     <title>Choosing an &openscap; compliance profile</title>
     <para>
-      TODO: Add an intro para about choosing a profile to run scans with
+      TODO: Add an intro para about choosing a profile to run scans with, mention rules
     </para>
     <para>
       The &ssg; installs the compliance content under the path
@@ -472,7 +472,7 @@ Result  fail</screen>
       <title>Fetching remote resources during a compliance scan</title>
       <step>
         <para>
-          Make sure the machine where you run the scan has access to
+          Make sure the machine you run the scan from has access to
           <link xlink:href="https://ftp.suse.com"/>:
         </para>
 <screen>&prompt.root;<command>ping ftp.suse.com</command></screen>
@@ -492,7 +492,7 @@ Result  fail</screen>
         <calloutlist>
           <callout arearefs="co-fetch-remote-option">
             <para>
-              Fetches the remote resources from <link xlink:href="ftp.suse.com"/> for use in the
+              Fetches remote resources from <link xlink:href="ftp.suse.com"/> for use in the
               compliance scan.
             </para>
           </callout>
@@ -524,7 +524,7 @@ Result  fail</screen>
       <title>Downloading and saving remote resources for a compliance scan</title>
       <step>
         <para>
-          Create a directory for storing the downloaded resources:
+          Create a directory for storing downloaded resources:
         </para>
 <screen>&prompt.root;<command>mkdir /tmp/scap-files</command></screen>
       </step>
@@ -600,79 +600,131 @@ Result  fail</screen>
   <section xml:id="compliance-scans-use-report">
     <title>Reviewing the &openscap; evaluation report</title>
     <para>
-      The HTML formatted OpenSCAP reports contain information collected off a target system and evaluation of the latter against the selected profile.
+      The HTML-formatted &openscap; report contains information collected from the target system
+      and evaluated against the rules set by the selected compliance profile. The examples below
+      show the main features of the report.
     </para>
-    <para>
-      In the following screenshot, a typical header of a HTML report is displayed, containing information about the chosen security profile.
+    <variablelist>
+      <varlistentry>
+        <term>Report header</term>
+        <listitem>
+          <para>
+      The header of the report shows information about the chosen compliance profile.
     </para>
     <figure xml:id="fig-openscap-report-header-example">
       <title>Header of a typical HTML-formatted report generated by OpenSCAP</title>
       <mediaobject>
         <imageobject role="fo">
-          <imagedata fileref="openscap-report-header-example.png" width="80%"/>
+          <imagedata fileref="openscap-report-header-example.png" width="100%"/>
         </imageobject>
         <imageobject role="html">
           <imagedata fileref="openscap-report-header-example.png" width="80%"/>
         </imageobject>
         <textobject role="description">
-          <phrase>The header of a typical HTML-formatted report generated by OpenSCAP. This example report is titled "Guide to the Secure Configuration of SUSE Liberty Linux 7" and uses the profile "CIS Benchmark for Level 2 - Server".</phrase>
+          <phrase>
+            The header of a typical HTML-formatted report generated by OpenSCAP. This example
+            report is titled "Guide to the Secure Configuration of SUSE Liberty Linux 7" and
+            uses the profile "CIS Benchmark for Level 2 - Server".
+          </phrase>
         </textobject>
       </mediaobject>
     </figure>
-    <para>
-      The report itself contains a summary of passed and failed tests, information about the tested system, and a list of rules included with the security profile, along with test results for each rule.
-    </para>
-    <para>
-      The report is interactive: it is possible to click rule names for more detail, check and uncheck filter options, etc.
-    </para>
-    <para>
-      To receive detailed information on each test result, including remediations, please click “Show all result details” button at the very bottom of the report.
-    </para>
-    <para>
-      Below screenshots show some of the functionality of a HTML report generated by OpenSCAP.
+        </listitem>
+      </varlistentry>
+      <varlistentry>
+        <term>Compliance and Scoring</term>
+        <listitem>
+          <para>
+      The <citetitle>Compliance and Scoring</citetitle> section shows a summary of the
+      compliance scan's results, including the number of passed and failed rules, as well
+      as the severity of the failures.
     </para>
     <figure xml:id="fig-openscap-report-summary-example">
       <title>Summary of results in a typical HTML-formatted report generated by OpenSCAP</title>
       <mediaobject>
         <imageobject role="fo">
-          <imagedata fileref="openscap-report-summary-example.png" width="80%"/>
+          <imagedata fileref="openscap-report-summary-example.png" width="100%"/>
         </imageobject>
         <imageobject role="html">
           <imagedata fileref="openscap-report-summary-example.png" width="80%"/>
         </imageobject>
         <textobject role="description">
-          <phrase></phrase>
+          <phrase>
+            The Compliance and Scoring section shows a green and red color-coded bar indicating
+            the number of passed and failed rules. It also shows a color-coded bar indicating the
+            severity of the failed rules, in this case mostly blue (low) and yellow (medium).
+            There is also a percentage score of passed rules. This example shows 68.72%.
+          </phrase>
         </textobject>
       </mediaobject>
     </figure>
+        </listitem>
+      </varlistentry>
+      <varlistentry>
+        <term>Rule Overview</term>
+        <listitem>
+          <para>
+      The <citetitle>Rule Overview</citetitle> section shows a list of rules included with the
+      compliance profile, along with the severity and test result of each rule. This section is
+      interactive. You can check and uncheck filter options, group rules by different criteria,
+      search the list with a search bar, and click the rule names to see more details.
+    </para>
     <figure xml:id="fig-openscap-report-rules-example">
       <title>List of rules in a typical HTML-formatted report generated by OpenSCAP</title>
       <mediaobject>
         <imageobject role="fo">
-          <imagedata fileref="openscap-report-rules-example.png" width="80%"/>
+          <imagedata fileref="openscap-report-rules-example.png" width="100%"/>
         </imageobject>
         <imageobject role="html">
           <imagedata fileref="openscap-report-rules-example.png" width="80%"/>
         </imageobject>
         <textobject role="description">
-          <phrase></phrase>
+          <phrase>
+            The Rule Overview section shows the full list of rules along with their
+            severity and test results. Above the list is a group of check boxes for filtering
+            the rule list, a search bar to search the list, and a drop-down list of different
+            ways to group the rules in the list.
+          </phrase>
         </textobject>
       </mediaobject>
     </figure>
+        </listitem>
+      </varlistentry>
+      <varlistentry>
+        <term>Rule details and remediation</term>
+        <listitem>
+          <para>
+      Clicking the name of a rule opens a window showing detailed information about that rule.
+      Depending on the rule, the detail window might also include multiple remediation options.
+      Click <guimenu>(show)</guimenu> to expand each remediation option.
+    </para>
     <figure xml:id="fig-openscap-report-rule-details-example">
       <title>Detailed information about a rule</title>
       <mediaobject>
         <imageobject role="fo">
-          <imagedata fileref="openscap-report-rule-details-example.png" width="80%"/>
+          <imagedata fileref="openscap-report-rule-details-example.png" width="100%"/>
         </imageobject>
         <imageobject role="html">
           <imagedata fileref="openscap-report-rule-details-example.png" width="80%"/>
         </imageobject>
         <textobject role="description">
-          <phrase></phrase>
+          <phrase>
+            This example shows details about the rule <literal>Ensure /home Located On Separate
+            Partition</literal>, including the result, the time the test ran, the severity of the
+            rule, clickable references, a description of the rule, and a rationale for the rule.
+            The bottom of the window has an expandable <literal>Remediation script</literal> and
+            <literal>Remediation Anaconda snippet</literal>.
+          </phrase>
         </textobject>
       </mediaobject>
     </figure>
+        </listitem>
+      </varlistentry>
+    </variablelist>
+    <para>
+      You can also expand the details for every rule by clicking
+      <guimenu>Show all result details</guimenu> at the bottom of the report.
+    </para>
   </section>
 
  <xi:include href="common_legal.xml"/>