Deploying custom checks and using custom ID mapping

Custom checks

You can create custom checks in Comply to check a condition on endpoints that may not be included in any benchmark. A custom check can be either PowerShell or VBScript on Windows and bash shell scripts on Linux/OS X. PowerShell scripts should use the file extension .ps1, and VBScript files should use the .vbs extension.

  1. Click tools on the far right of your screen.
  2. Select Manage Custom Checks from the Tools menu.
  3. On the Custom Checks page, click New Custom Check.
  4. Complete the Title, Description, Identifier (can be used to trace back to corresponding custom ID mapping), and the optional Severity fields in the New Custom Check window.
  5. Select the appropriate Platform (Windows or Linux).
  6. Click Select File and locate the file for the custom check.
  7. Click Save. Your custom check will now appear on the Custom Checks page and in the Advanced section of the New Report page when you create a new report.

Note: Custom checks should take less than a minute to run – they can output anything to standard output as long as the last line is a valid rule result string such as pass, fail, or error.

Custom ID mappings

Custom ID mappings allow you to create a custom column on results that associates a specific tag with a custom check or rule identifier.

  1. Click tools on the far right of your screen.
  2. Select Manage Custom ID Mappings from the Tools menu.
  3. Click New Custom ID on the Custom IDs page.
  4. Enter a Name and Description in the New Custom ID window.
  5. Click Select File and locate the custom ID mapping file.
  6. Click Save. Your custom ID will now appear on the Custom IDs page and in the Advanced section of the New Report page when you create a new report.

Following is the file format used for a custom ID mapping: Rule id | custom id

Example: xccdf_org.cisecurity.benchmarks_rule_1.1.1_Create_Separate_Partition_for_tmp|company_policy_rule_42

Note: A report can only have a single custom ID mapping associated with it; however, it can have multiple benchmarks and custom checks. When selecting the benchmarks and custom checks, be aware that a report is targeted to a single action group.

Download custom check or ID mapping

In order to view, edit, or reuse a custom check or ID mapping, you can download it.

Select a custom check or custom ID and click download .

Last updated: 11/6/2018 4:20 PM | Feedback