Skip to content

Instantly share code, notes, and snippets.

@frezbo

frezbo/gist:2228c3ea3f7b68f51209a5a8559eb6f4

Forked from nemonik/gist:951a0e55436e0708222b
Created November 22, 2017 15:57
Show Gist options
  • Save frezbo/2228c3ea3f7b68f51209a5a8559eb6f4 to your computer and use it in GitHub Desktop.
Save frezbo/2228c3ea3f7b68f51209a5a8559eb6f4 to your computer and use it in GitHub Desktop.
Download ZIP
A Python script to extract data out of DISA STIG Viewer xccdf file to a CSV
Raw
gistfile1.txt
###
# A Python script to extract data out of a DISA STIG Viewer xccdf file to a CSV
# @author Michael Joseph Walsh <[email protected]>
##
import csv
import glob
import os
import sys
import xml.etree.ElementTree as ET
reload(sys)
sys.setdefaultencoding('utf-8')
with open('tmp.csv', 'ab+') as csvfile:
fieldnames = ['HOST_NAME', 'HOST_IP', 'Vuln_Num', 'Severity', 'Group_Title', 'Rule_ID', 'Rule_Ver', 'Rule_Title', 'Fix_Text']
output = csv.DictWriter(csvfile, fieldnames=fieldnames)
output.writeheader()
for filename in glob.glob("*.xml"):
print "processing: " + filename
tree = ET.parse(filename)
root = tree.getroot()
row = {}
for asset in root.iter('ASSET'):
row['HOST_NAME'] = asset.find('HOST_NAME').text
row['HOST_IP'] = asset.find('HOST_IP').text
for vuln in root.iter('VULN'):
for stig_data in vuln.findall('STIG_DATA'):
if (stig_data.find('VULN_ATTRIBUTE').text in ['Vuln_Num', 'Severity', 'Group_Title', 'Rule_ID', 'Rule_Ver', 'Rule_Title', 'Fix_Text']):
row[stig_data.find('VULN_ATTRIBUTE').text] = stig_data.find('ATTRIBUTE_DATA').text
output.writerow(row)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment