Schematron validation for an OVAL Results file DEPRECATED ATTRIBUTE VALUE IN: ATTRIBUTE VALUE: the tests element should not be included unless full results are to be provided (see directives) the tests element should be included when full results are specified (see directives) - definitions with a result of TRUE should not be included (see directives) - definitions with a result of TRUE should contain THIN content (see directives) - definitions with a result of TRUE should not be included (see directives) xx - definitions with a result of TRUE should contain FULL content (see directives) - definitions with a result of FALSE should not be included (see directives) - definitions with a result of FALSE should contain THIN content (see directives) - definitions with a result of FALSE should not be included (see directives) - definitions with a result of FALSE should contain FULL content (see directives) - definitions with a result of UNKNOWN should not be included (see directives) - definitions with a result of UNKNOWN should contain THIN content (see directives) - definitions with a result of UNKNOWN should not be included (see directives) - definitions with a result of UNKNOWN should contain FULL content (see directives) - definitions with a result of ERROR should not be included (see directives) - definitions with a result of ERROR should contain THIN content (see directives) - definitions with a result of ERROR should not be included (see directives) - definitions with a result of ERROR should contain FULL content (see directives) - definitions with a result of NOT EVALUATED should not be included (see directives) - definitions with a result of NOT EVALUATED should contain THIN content (see directives) - definitions with a result of NOT EVALUATED should not be included (see directives) - definitions with a result of NOT EVALUATED should contain FULL content (see directives) - definitions with a result of NOT APPLICABLE should not be included (see directives) - definitions with a result of NOT APPLICABLE should contain THIN content (see directives) - definitions with a result of NOT APPLICABLE should not be included (see directives) - definitions with a result of NOT APPLICABLE should contain FULL content (see directives) - the specific test is not used in any definition's criteria A valid OVAL Definition document must contain at least one definitions, tests, objects, states, or variables element. The optional definitions, tests, objects, states, and variables sections define the specific characteristics that should be evaluated on a system to determine the truth values of the OVAL Definition Document. To be valid though, at least one definitions, tests, objects, states, or variables element must be present. A valid OVAL Definition document must contain a criteria unless the definition is a deprecated definition. - No state should be referenced when check_existence has a value of 'none_exist'. - Each object referenced by the set must be of the same type as parent object - Each object referenced by the set must be of the same type as parent object - Each object referenced by the set must be of the same type as parent object The value element of the constant_variable can not be empty. The literal_component of variable can not be empty. The item_field attribute of an object_component of variable can not be empty. A literal_component used by an arithmetic function must have a datatype of float or int. The variable referenced by the arithmetic function must have a datatype of float or int. A literal_component used by the begin function must have a datatype of string. The variable referenced by the begin function must have a datatype of string. A literal_component used by the concat function must have a datatype of string. The variable referenced by the concat function must have a datatype of string. A literal_component used by the end function must have a datatype of string. The variable referenced by the end function must have a datatype of string. A literal_component used by the escape_regex function must have a datatype of string. The variable referenced by the escape_regex function must have a datatype of string. A literal_component used by the split function must have a datatype of string. The variable referenced by the split function must have a datatype of string. A literal_component used by the substring function must have a datatype of string. The variable referenced by the substring function must have a datatype of string. A literal_component used by the time_difference function must have a datatype of string or int. The variable referenced by the time_difference function must have a datatype of string or int. A literal_component used by the regex_capture function must have a datatype of string. The variable referenced by the regex_capture function must have a datatype of string. - a var_ref has been supplied for the entity so no value should be provided - inconsistent datatype between the variable and an associated var_ref - The use of '' for the operation attribute of the entity is not valid given the lack of a declared datatype (hence a default datatype of string). - The use of '' for the operation attribute of the entity is not valid given a datatype of binary. - The use of '' for the operation attribute of the entity is not valid given a datatype of boolean. - The use of '' for the operation attribute of the entity is not valid given a datatype of evr_string. - The use of '' for the operation attribute of the entity is not valid given a datatype of fileset_revision. - The use of '' for the operation attribute of the entity is not valid given a datatype of float. - The use of '' for the operation attribute of the entity is not valid given a datatype of ios_version. - The use of '' for the operation attribute of the entity is not valid given a datatype of int. - The use of '' for the operation attribute of the entity is not valid given a datatype of string. - The use of '' for the operation attribute of the entity is not valid given a datatype of version. - a var_ref has been supplied for the entity so a var_check should also be provided - a var_check has been supplied for the entity so a var_ref should also be provided - a var_ref has been supplied for the entity so a var_check should also be provided - a var_check has been supplied for the entity so a var_ref should also be provided item - a value for the entity should only be supplied if the status attribute is 'exists' item - a value for the entity should only be supplied if the mask attribute is 'false' - the object child element of a family_test must reference a family_object - the state child element of a family_test must reference a family_state - datatype attribute for the family entity of a family_state should be 'string' DEPRECATED TEST: ID: - the object child element of a filemd5_test must reference a filemd5_object - the state child element of a filemd5_test must reference a filemd5_state DEPRECATED OBJECT: ID: - datatype attribute for the path entity of a filemd5_object should be 'string' - datatype attribute for the filename entity of a filemd5_object should be 'string' DEPRECATED STATE: ID: - datatype attribute for the path entity of a filemd5_state should be 'string' - datatype attribute for the filename entity of a filemd5_state should be 'string' - datatype attribute for the md5 entity of a filemd5_state should be 'string' - the object child element of a filehash_test must reference a filesha1_object - the state child element of a filehash_test must reference a filesha1_state - datatype attribute for the filepath entity of a filehash_object should be 'string' - datatype attribute for the path entity of a filehash_object should be 'string' - datatype attribute for the filename entity of a filehash_object should be 'string' - datatype attribute for the filepath entity of a filehash_state should be 'string' - datatype attribute for the path entity of a filehash_state should be 'string' - datatype attribute for the filename entity of a filehash_state should be 'string' - datatype attribute for the md5 entity of a filehash_state should be 'string' - datatype attribute for the sha1 entity of a filehash_state should be 'string' - the object child element of an environmentvariable_test must reference a environmentvariable_object - the state child element of an environmentvariable_test must reference a environmentvariable_state - datatype attribute for the name entity of an environmentvariable_object should be 'string' - datatype attribute for the name entity of an environmentvariable_state should be 'string' - The datatype has been set to 'int' but the value is not an integer. - the object child element of an ldap_test must reference an ldap_object - the state child element of an ldap_test must reference an ldap_state - datatype attribute for the suffix entity of an ldap_object should be 'string' - datatype attribute for the relative_dn entity of an ldap_object should be 'string' - datatype attribute for the attribute entity of an ldap_object should be 'string' - datatype attribute for the suffix entity of an ldap_state should be 'string' - datatype attribute for the relative_dn entity of an ldap_state should be 'string' - datatype attribute for the attribute entity of an ldap_state should be 'string' - datatype attribute for the object_class entity of an ldap_state should be 'string' - datatype attribute for the ldaptype entity of an ldap_state should be 'string' - The datatype has been set to 'int' but the value is not an integer. - the object child element of a sql_test must reference a sql_object - the state child element of a sql_test must reference a sql_state - datatype attribute for the engine entity of an sql_object should be 'string' - operation attribute for the engine entity of an sql_object should be 'equals', note that this overrules the general operation attribute validation (i.e. follow this one) - datatype attribute for the version entity of an sql_object should be 'string' - operation attribute for the version entity of an sql_object should be 'equals', note that this overrules the general operation attribute validation (i.e. follow this one) - datatype attribute for the connection_string entity of an sql_object should be 'string' - operation attribute for the connection_string entity of an sql_object should be 'equals', note that this overrules the general operation attribute validation (i.e. follow this one) - datatype attribute for the sql entity of a sql_object should be 'string' - operation attribute for the sql entity of an sql_object should be 'equals', note that this overrules the general operation attribute validation (i.e. follow this one) - datatype attribute for the engine entity of an sql_state should be 'string' - datatype attribute for the version entity of an sql_state should be 'string' - datatype attribute for the connection_string entity of an sql_state should be 'string' - datatype attribute for the sql entity of a sql_state should be 'string' - The datatype has been set to 'int' but the value is not an integer. - the object child element of a textfilecontent54_test must reference a textfilecontent54_object - the state child element of a textfilecontent54_test must reference a textfilecontent54_state - datatype attribute for the filepath entity of a textfilecontent54_object should be 'string' - datatype attribute for the path entity of a textfilecontent54_object should be 'string' - datatype attribute for the filename entity of a textfilecontent54_object should be 'string' - datatype attribute for the pattern entity of a textfilecontent54_object should be 'string' - operation attribute for the pattern entity of a textfilecontent54_object should be 'pattern match' - datatype attribute for the instance entity of a textfilecontent54_object should be 'int' - datatype attribute for the filepath entity of a textfilecontent54_state should be 'string' - datatype attribute for the path entity of a textfilecontent_state should be 'string' - datatype attribute for the filename entity of a textfilecontent54_state should be 'string' - datatype attribute for the pattern entity of a textfilecontent54_state should be 'string' - datatype attribute for the instance entity of a textfilecontent54_state should be 'int' - datatype attribute for the text entity of a textfilecontent_state should be 'string' - The datatype has been set to 'int' but the value is not an integer. DEPRECATED TEST: ID: - the object child element of a textfilecontent_test must reference a textfilecontent_object - the state child element of a textfilecontent_test must reference a textfilecontent_state DEPRECATED OBJECT: ID: - datatype attribute for the path entity of a textfilecontent_object should be 'string' - datatype attribute for the filename entity of a textfilecontent_object should be 'string' - datatype attribute for the line entity of a textfilecontent_object should be 'string' - operation attribute for the line entity of a textfilecontent_object should be 'pattern match' DEPRECATED STATE: ID: - datatype attribute for the path entity of a textfilecontent_state should be 'string' - datatype attribute for the filename entity of a textfilecontent_state should be 'string' - datatype attribute for the line entity of a textfilecontent_state should be 'string' - The datatype has been set to 'int' but the value is not an integer. - the object child element of a variable_test must reference a variable_object - the state child element of a variable_test must reference a variable_state - datatype attribute for the var_ref entity of a variable_object should be 'string' - var_ref attribute for the var_ref entity of a variable_object is prohibited. - datatype attribute for the var_ref entity of a variable_state should be 'string' - var_ref attribute for the var_ref entity of a variable_state is prohibited. - The datatype has been set to 'int' but the value is not an integer. - the object child element of a xmlfilecontent_test must reference a xmlfilecontent_object - the state child element of a xmlfilecontent_test must reference a xmlfilecontent_state - datatype attribute for the filepath entity of a xmlfilecontent_object should be 'string' - datatype attribute for the path entity of a xmlfilecontent_object should be 'string' - datatype attribute for the filename entity of a xmlfilecontent_object should be 'string' - datatype attribute for the xpath entity of a xmlfilecontent_object should be 'string' - operation attribute for the xpath entity of a xmlfilecontent_object should be 'equals', note that this overrules the general operation attribute validation (i.e. follow this one) - datatype attribute for the filepath entity of a xmlfilecontent_state should be 'string' - datatype attribute for the path entity of a xmlfilecontent_state should be 'string' - datatype attribute for the filename entity of a xmlfilecontent_state should be 'string' - datatype attribute for the xpath entity of a xmlfilecontent_state should be 'string' - datatype attribute for the value_of entity of a xmlfilecontent_state should be 'string'