Quick Start Guide: Creating an Assessor Configuration XML File
Product Name
CIS-CAT Pro Assessor v4
Product Version
all
Date
Oct 19, 2023
Overview
This guide outlines the process of creating a Configuration XML file to store assessment details of multiple local or remote endpoints in CIS-CAT Pro Assessor. An XML file allows the user to configure Benchmarks, Profile levels, interactive values, user properties, and reporting options all in a single file.
Requirements
CIS-CAT Pro Assessor v4 “with GUI” running on a Windows host
An example XML is included in each Assessor release under /config/assessor-config-sample.xml
.
While it is possible to create your Configuration XML file using the above example and a text editor, we recommend populating the initial values using the Assessor GUI. The resulting XML file can then be edited further, and used for both GUI and CLI assessments on all supported platforms.
Walkthrough
1 | Launch the |
2 | Select "Advanced" -> "Add Remote or Local Target System": |
3 | Enter the connection details for the first remote host, and select the desired Benchmark & Profile level: For information on the required protocols & ports for remote assessments, please refer to the Configuration Guide for each target system type. |
4 | On the next screen, select the "Add" button in the top right to include additional systems. The below example shows 3 targets, one Windows Server 2019 host and two Linux systems, each with their own credentials, Benchmarks and Profile levels: |
5 | Once all intended systems are included in the “Target Systems” list, move to the next “Assessment options” screen. Select the report formats and a CIS-CAT Pro Dashboard upload URL (optional). The “Save configuration file“ checkbox near the bottom allows you to save these systems and preferences as a Configuration XML. The path & filename is specified with the “Save As” button: You can also choose to encrypt the configuration file with a password. This helps protect the embedded connection credentials from being viewable in plaintext. If a Configuration XML is encrypted, it is no longer possible to make changes to the file using a text editor. You can however re-import the encrypted XML into the Assessor GUI, supply the chosen password and enact modifications at a later time. |
To load the resulting Configuration XML in a later assessment, use one of the following two methods.
Using the Assessor GUI, choose “Advanced” → “Load a configuration or sessions file”:
Using the Assessor CLI, invoke the file with the
-cfg
parameter:Assessor-CLI.bat -cfg config\my-configuration-file.xml
Keywords; Configuration XML Assessor GUI CLI
Content by Label