SCAP Policies

The Audit > SCAP Policies section displays the compliance policies defined in your organization. Each policy ties together a SCAP content file, an XCCDF profile, and optional tailoring to define a compliance standard.

Click Create to create a new compliance policy. For more information about creating policies, see Create compliance policy.

Each row in the list provides Details, Edit, and Delete action buttons. Use Details to view the policy summary, configuration, and scan history. Use Edit to modify the policy. Use Delete to remove the policy. A confirmation dialog is displayed before deletion.

You can filter the list using the search bar, which searches across the policy name and SCAP content name.

Table 1. SCAP Policies List Columns

| Column | Description |
|---|---|
| Name | The display name of the compliance policy. |
| Content | The name of the associated SCAP content, or N/A if none is assigned. |
| Systems Scanned | The number of systems that have been scanned using this policy. |
| Compliance | A compliance badge showing the percentage of compliant systems and the ratio of compliant to total scanned systems. |
| Actions | Available actions: Details, Edit, and Delete. |

1. Create compliance policy

The Audit > SCAP Policies > Create page allows you to define a new compliance policy.

Table 2. Create Compliance Policy Fields

| Field | Required | Description |
|---|---|---|
| Policy Name | Yes | A display name for the compliance policy. |
| Description | No | A brief description of the policy. |
| SCAP Content | Yes | Select a SCAP content file. The XCCDF Profile list is populated based on this selection. |
| XCCDF Profile | Yes | Select an XCCDF profile from the chosen SCAP content. |
| Tailoring File | No | Optionally select a tailoring file to customize the profile. The Tailoring Profile list is populated based on this selection. |
| Tailoring Profile | No | Select a profile from the chosen tailoring file. |
| Advanced Arguments | No | Additional command-line arguments, for example: --rule <rule_id> --remediate. |
| OVAL Files | No | Paths to local OVAL definitions on the target system, comma separated. |
| Fetch Remote Resources | No | Enable fetching of remote resources during scans. This requires internet access and significant memory on the target system. |

Enabling Fetch Remote Resources requires internet access and significant available memory on the target minion. Ensure the target system has sufficient resources before enabling this option.

Click Create to save the new policy.

2. Edit compliance policy

The Audit > SCAP Policies > Edit page allows you to update an existing compliance policy. All fields from the creation form can be modified.

Click Update to save the changes. Click Back to List to return to the policies list without saving.

3. Policy details

The Audit > SCAP Policies > Details page displays a comprehensive overview of a compliance policy, including compliance statistics, configuration, and scan history.

3.1. Summary cards

The top of the page shows four summary cards:

Table 3. Summary Cards

| Card | Description |
|---|---|
| Total Scans | The total number of scans performed using this policy. |
| Systems Scanned | The number of unique systems scanned. |
| Compliant Scans | The number of scans where all rules passed. |
| Compliance Rate | The percentage of scans that are compliant. |

3.2. Policy configuration

This panel displays the current configuration of the policy:

  • SCAP Content

  • XCCDF Profile

  • Tailoring File (if configured)

  • Tailoring Profile (if configured)

  • OVAL Files (if configured)

  • Advanced Arguments (if configured)

  • Fetch Remote Resources (Yes or No)

  • Description (if provided)

3.3. Scan history

The scan history table shows all scans performed using this policy. Use the checkbox Show only latest scan per system to filter the table to display only the most recent scan for each system.

You can filter the scan history using the search bar, which searches by system name.

Table 4. Scan History Columns

| Column | Description |
|---|---|
| System | The name of the scanned system, linked to the system details page. |
| Scan Date | The date and time the scan was performed. |
| Passed | The number of rules that passed. |
| Failed | The number of rules that failed. |
| Other | The number of rules that were not selected or not applicable. |
| Status | The compliance status: Compliant (no failures) or Non-Compliant (one or more failures). |
| Actions | Click View Details to view the full XCCDF scan results. |
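
To cross-check the Passed, Failed, Other, and Status values of a scan history row against a raw results file, the following added example (not part of the product or its documentation) tallies an XCCDF 1.2 results document using the column definitions above. The sample XML is constructed, the function names are hypothetical, and counting every result other than pass or fail as Other is an assumption.

```python
import xml.etree.ElementTree as ET

NS = {"x": "http://checklists.nist.gov/xccdf/1.2"}  # XCCDF 1.2 namespace

# Constructed sample, not output from a real scan.
SAMPLE = """<Benchmark xmlns="http://checklists.nist.gov/xccdf/1.2" id="xccdf_example_benchmark_demo">
  <TestResult id="xccdf_example_testresult_demo" end-time="2024-01-01T10:00:00">
    <target>host-a.example.com</target>
    <rule-result idref="xccdf_example_rule_a"><result>pass</result></rule-result>
    <rule-result idref="xccdf_example_rule_b"><result>fail</result></rule-result>
    <rule-result idref="xccdf_example_rule_c"><result>notselected</result></rule-result>
    <rule-result idref="xccdf_example_rule_d"><result>notapplicable</result></rule-result>
    <rule-result idref="xccdf_example_rule_e"><result>pass</result></rule-result>
  </TestResult>
</Benchmark>"""


def scan_row(xml_text):
    """Build one scan-history row (counts, status, failed rule ids) from XCCDF results."""
    # For result files from hosts you do not trust, parse with defusedxml instead.
    root = ET.fromstring(xml_text)
    # TestResult may be the root element or nested (Benchmark, ARF report).
    tr = root if root.tag == "{%s}TestResult" % NS["x"] else root.find(".//x:TestResult", NS)
    if tr is None:
        raise ValueError("no XCCDF 1.2 TestResult element found")
    row = {"system": tr.findtext("x:target", default="", namespaces=NS),
           "scan_date": tr.get("end-time"), "passed": 0, "failed": 0, "other": 0,
           "failed_rules": []}
    for rr in tr.findall("x:rule-result", NS):
        result = rr.findtext("x:result", default="", namespaces=NS).strip()
        if result == "pass":
            row["passed"] += 1
        elif result == "fail":
            row["failed"] += 1
            row["failed_rules"].append(rr.get("idref"))
        else:
            # Assumption: every other result value (notselected, notapplicable,
            # error, unknown, ...) is counted as Other.
            row["other"] += 1
    row["status"] = "Compliant" if row["failed"] == 0 else "Non-Compliant"
    return row


def compliance_rate(rows):
    """Percentage of scans whose status is Compliant (0.0 for an empty history)."""
    if not rows:
        return 0.0
    return 100.0 * sum(r["status"] == "Compliant" for r in rows) / len(rows)


if __name__ == "__main__":
    print(scan_row(SAMPLE))
```

The failed_rules list gives the rule ids to look up in the full XCCDF scan results when a row shows Non-Compliant.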